[Congressional Record Volume 148, Number 130 (Monday, October 7, 2002)]
[Senate]
[Page S10051]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]

      By Mr. THOMPSON:
  S. 3067. A bill to amend title 44, United States Code, to make 
Government information security reform permanent, and for other 
purposes; to the Committee on Governmental Affairs.
  Mr. THOMPSON. Mr. President, I rise today to introduce a bill which 
will make permanent a law which was intended to protect the security of 
Federal computers and information systems. Over the years, numerous 
Governmental Affairs Committee hearings and General Accounting Office 
reports uncovered and identified systemic failures of government 
information systems which highlighted our Nation's vulnerability to 
computer attacks, from international and domestic terrorists to crime 
rings to everyday hackers. As a result, Congress enacted the Government 
Information Security Reform Act as part of the Floyd D. Spence National 
Defense Authorization Act for Fiscal Year 2001, Public Law 106-398. 
Since its passage in the 106th Congress, the law has required Federal 
agencies to develop and implement security policies and provided the 
Office of Management and Budget authority to demand from agencies 
better plans for improving computer security. Unfortunately, this 
relatively new law is set to expire next month.
  The information security legislation upon which the law is based, 
which I sponsored along with Senator Lieberman, was reported by the 
Governmental Affairs Committee and passed by the Senate with no sunset 
provision. A two-year sunset was added in conference providing that the 
law expire on November 29, 2002.
  The bill I am introducing today would repeal the sunset and restore 
the language to what originally was approved by the Governmental 
Affairs Committee and the Senate last Congress. Further, given that the 
law is commonly referred to as the ``Government Information Security 
Reform Act,'' the bill also would codify that short title.
  We must ensure that Federal agencies continue to protect their assets 
and prevent hackers and cyberterrorists from wreaking havoc with 
citizens' sensitive information, such as taxpayer data, veterans' 
medical records, and social security portfolios. We must not let this 
law expire.
                                 ______