[Congressional Record Volume 151, Number 131 (Monday, October 17, 2005)]
[House]
[Pages H8815-H8817]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




  EXPRESSING SENSE OF THE HOUSE WITH RESPECT TO RAISING AWARENESS AND 
ENHANCING STATE OF COMPUTER SECURITY AND SUPPORTING GOALS AND IDEALS OF 
                NATIONAL CYBER SECURITY AWARENESS MONTH

  Mr. SMITH of Texas. Mr. Speaker, I move to suspend the rules and 
agree to the resolution (H. Res. 491) expressing the sense of the House 
of Representatives with respect to raising awareness and enhancing the 
state of computer security in the United States, and supporting the 
goals and ideals of National Cyber Security Awareness Month.
  The Clerk read as follows:

                              H. Res. 491

       Whereas over 202,000,000 Americans use the Internet in the 
     United States, including 53 percent of home-users through 
     broadband connections, to communicate with family and 
     friends, manage their finances, pay their bills, improve 
     their education, shop at home, and read about current events;
       Whereas the approximately 23,000,000 small businesses in 
     the United States, who represent 99.7 percent of all United 
     States employers and employ 50.1 percent of the private work 
     force, increasingly rely on the Internet to manage their 
     businesses, expand their customer reach, and enhance their 
     connection with their supply chain;
       Whereas nearly 100 percent of public schools in the United 
     States have Internet access, with approximately 80 percent of 
     instructional rooms connected to the Internet, to enhance our 
     children's education by providing access to educational 
     online content and encouraging responsible self-initiative to 
     discover research resources;
       Whereas almost 9 in 10 teenagers between the ages of 12 and 
     17, or 87 percent of all youth (approximately 21,000,000 
     people) use the Internet, and 78 percent (or about 16,000,000 
     students) say they use the Internet at school;
       Whereas teen use of the Internet at school has grown 45 
     percent since 2000, and educating children of all ages about 
     safe, secure, and ethical practices will not only protect 
     their systems, but will protect our children's physical 
     safety, and help them become good cyber citizens;
       Whereas our Nation's critical infrastructures rely on the 
     secure and reliable operation of our information networks to 
     support our Nation's financial services, energy, 
     telecommunications, transportation, health care, and 
     emergency response systems;
       Whereas cyber security is a critical part of our Nation's 
     overall homeland security, in particular the control systems 
     that control and monitor our drinking water, dams, and other 
     water management systems; our electricity grids, oil and gas 
     supplies, and pipeline distribution networks; our 
     transportation systems; and other critical manufacturing 
     processes;
       Whereas terrorists and others with malicious motives have 
     demonstrated an interest in utilizing cyber means to attack 
     our Nation, and the Department of Homeland Security's mission 
     includes securing the homeland against cyber terrorism and 
     other attacks;
       Whereas Internet users and our information infrastructure 
     face an increasing threat of malicious attacks through 
     viruses, worms, Trojans, and unwanted programs such as 
     spyware, adware, hacking tools, and password stealers, that 
     are frequent and fast in propagation, are costly to repair, 
     and disable entire systems;
       Whereas consumers face significant financial and personal 
     privacy losses due to identity theft and fraud, as reported 
     in 205,568 complaints in 2004 to the Federal Trade 
     Commission's Consumer Sentinel database; and Internet-related 
     complaints in 2004 accounted for 53 percent of all reported 
     fraud complaints, with monetary losses of over $265,000,000 
     and a median loss of $214;
       Whereas our Nation's youth face increasing threats online 
     such as inappropriate content or child predators, with 70 
     percent of teens having accidentally come across pornography 
     on the Internet, and with one in five children having been 
     approached by a child predator online each year;
       Whereas national organizations, policymakers, government 
     agencies, private sector companies, nonprofit institutions, 
     schools, academic organizations, consumers, and the media 
     recognize the need to increase awareness of computer security 
     and enhance our level of computer and national security in 
     the United States;
       Whereas the National Cyber Security Alliance's mission is 
     to increase awareness of cyber security practices and 
     technologies to home users, students, teachers, and small 
     businesses through educational activities, online resources 
     and checklists, and Public Service Announcements; and
       Whereas the National Cyber Security Alliance has designated 
     October as National Cyber Security Awareness Month, which 
     will provide an opportunity to educate the people of the 
     United States about computer security: Now, therefore, be it
       Resolved,  That the House of Representatives--
       (1) supports the goals and ideals of National Cyber 
     Security Awareness Month; and
       (2) will work with Federal agencies, national 
     organizations, businesses, and educational institutions to 
     encourage the development and implementation of existing and 
     future computer security voluntary consensus standards, 
     practices, and technologies in order to enhance the state of 
     computer security in the United States.

  The SPEAKER pro tempore. Pursuant to the rule, the gentleman from 
Texas (Mr. Smith) and the gentleman from Oregon (Mr. Wu) each will 
control 20 minutes.
  The Chair recognizes the gentleman from Texas (Mr. Smith).


                             General Leave

  Mr. SMITH of Texas. Mr. Speaker, I ask unanimous consent that all 
Members may have 5 legislative days within which to revise and extend 
their remarks and include extraneous material on H. Res. 491, the 
resolution under consideration.
  The SPEAKER pro tempore. Is there objection to the request of the 
gentleman from Texas?
  There was no objection.
  Mr. SMITH of Texas. Mr. Speaker, I yield myself such time as I may 
consume.
  Mr. Speaker, I rise in support of H. Res. 491, a resolution to 
applaud the goals and activities of National Cyber Security Awareness 
Month. Computers and the Internet have been integrated into our daily 
routine in our businesses, schools and homes. These information and 
communication systems underpin our government and they increase the 
productivity of our industries, financial institutions, and 
transportation systems. However, our increasing dependence on computers 
and computer networks exposes our society to the risk of cyber attacks, 
destructive viruses, malicious hacking and identity theft.
  This is why the National Cyber Security Alliance, a cooperative 
effort between government, academia, and industry, has organized 
National Cyber Security Awareness Month for this October. As is only 
proper for a cybersecurity-related effort, there is a central website 
with online resources that offers tips and tools to help computer uses 
protect themselves from viruses, worms, hacker attacks, phishing, 
identity theft, spyware and more.
  In addition to these online resources, there are weekly events all 
over the country on specific cybersecurity topics aimed at consumers, 
students, children, parents, small businesses, and educational 
institutions. Thirty Governors across the United States have issued 
proclamations declaring their

[[Page H8816]]

support and observance of National Cyber Security Awareness Month. And 
as part of these activities, Texas State University hosted a ``Cyber 
Security Awareness Day'' on October 6. In New York, the Governor will 
host a conference on protecting our children on the Internet.
  Of course, cybersecurity is not just an issue in October but year-
round. National Cyber Security Awareness Month is a chance not only to 
raise awareness about computer vulnerabilities and threats, but also to 
inform people about programs that exist throughout the U.S. to educate 
students, parents, business people, law enforcement and government 
employees about cybersecurity. These include programs like a 
cybersecurity camp for high school students in Rome, New York, and an 
Information Technology and Security Academy for high school juniors at 
the University of Texas at San Antonio.
  Cybersecurity is an important part of homeland security. Just last 
month, the Science Committee heard testimony from energy, electric 
power and telecommunications companies about their dependence on 
information systems and their concerns about the Nation's vulnerability 
to cyber attacks. The connectedness of the Internet means that each 
person not only must protect himself in cyberspace, but each person's 
cybersecurity efforts contribute to the Nation's overall status of 
cyber and homeland security. Progress is being made, but we as a Nation 
still have a long way to go.
  In conclusion, I would like to thank the gentleman from New York (Mr. 
Boehlert), the gentleman from Tennessee (Mr. Gordon), the gentleman 
from New York (Mr. King) and the gentleman from Mississippi (Mr. 
Thompson) for their leadership on this issue. We applaud the 
associations, companies, organizations, and agencies involved in 
National Cyber Security Awareness Month for their efforts to help all 
of us become more responsible, safer computer users. I urge my 
colleagues to support adoption of this resolution.
  Mr. Speaker, I reserve the balance of my time.
  Mr. WU. Mr. Speaker, I yield myself such time as I may consume.
  Mr. Speaker, I rise in strong support of House Resolution 491, which 
expresses the support of Congress for the goals and ideals of National 
Cyber Security Awareness Month.
  This resolution was introduced by Chairman Boehlert and Ranking 
Member Gordon of the Science Committee in an effort to help the Nation 
become more aware of certain risks lurking in cyberspace and the 
availability of tools and practices to minimize these dangers.
  I want to congratulate the National Cyber Security Alliance for 
originating the idea for this observance and for its efforts to improve 
cybersecurity. The National Cyber Security Alliance is a public-private 
partnership led by industry that has focused on improving cybersecurity 
for home users, small businesses and educational institutions. The 
alliance seeks to alert computer users to such threats as viruses, hack 
attacks and identity theft, and it provides information to users on 
best practices and technologies available for countering cyber threats.
  National Cyber Security Awareness Month includes a range of special 
events designed specifically for home users, small businesses, and the 
educational community. To attain these objectives, the Alliance will be 
organizing national and regional events, such as small businesses 
workshops, student assemblies and cybersecurity boot camps which will 
take consumer education to the grass roots level. The Alliance will 
also be making public service announcements to urge consumers to 
protect their valuable personal data through online best practices, and 
it will publicize its online resources for computer users, including 
beginner's guides, computer security tips, and free security scans.
  The Committee on Science has recognized for some time that 
cybersecurity is a long-term problem that will require a comprehensive 
approach by government and the private sector and that will require 
greater efforts by both. We held a hearing last month to review the 
security of computer systems on which critical industries rely and 
found that government has made inadequate progress in the development 
of national vulnerability assessments and plans for recovery from cyber 
attacks. We expect and count on the Department of Homeland Security to 
do a better job, and will be closely following its progress.
  Equally important, the general public needs to be made aware of the 
dangers of cyber vulnerabilities and to be encouraged to learn about 
and use effective security practices and tools in their homes and 
businesses. This is the focus of National Cyber Security Awareness 
Month, and I should add that I was just a speaker at GOSCON which is a 
government open source conference in my hometown of Portland, Oregon, 
sponsored by Oregon State University and Portland State University, and 
while cybersecurity is an issue for both proprietary and open software, 
open source code is unique in that the source code is available for 
grass roots users to improve the security of any particular software 
program.
  House Resolution 491 before this Chamber calls attention to and 
endorses the commendable efforts of the National Cyber Security 
Alliance to increase awareness of cybersecurity throughout the Nation. 
This is a message we should all heed.
  Mr. Speaker, I commend this resolution to my colleagues, and ask for 
its support and passage by the House.
  Ms. LORETTA SANCHEZ of California. Mr. Speaker, I rise today in 
strong support of H. Res. 491, a bill expressing the sense of Congress 
regarding the raising awareness and enhancing the state of computer 
security in the United States, and supporting the goals and ideals of 
National Cyber Security Awareness Month.
  As Ranking Member of the Subcommittee on Economic Security, 
Infrastructure Protection, and Cybersecurity of the House Homeland 
Security Committee, I have had the opportunity to work on the broad 
Homeland Security aspects of cybersecurity. However, it is important to 
recognize that cybersecurity includes a wide variety of challenges that 
affect governments, businesses and individuals on many levels.
  The Department of Homeland Security has the considerable 
responsibility of working to protect the computer systems that operate 
some of our nation's most critical infrastructure like dams, oil 
pipelines and water treatment systems. It is essential that the federal 
government coordinate with state and local governments in addition to 
the owners, operators, and vendors of the computer control systems. I 
urge the Department of Homeland Security to act swiftly in building 
better partnerships and information sharing relationships between the 
public and private sectors in order to improve cybersecurity.
  In addition to the government's responsibilities, private businesses 
need to recognize the sensitivity of the information that they store 
and process, and commit to adhering to industry best practices to 
ensure the security of their computer systems. Consumers should be able 
to expect that businesses can and will protect sensitive personal and 
financial information.
  National Cyber Security Awareness Month is also an important tool for 
raising individual citizens' awareness of the steps they need to take 
to protect their personal computers and files from hackers and viruses. 
Every individual should consider protecting their computer by:
  (1) Using anti-virus and anti-spyware programs with firewalls to 
protect against infected incoming files, and outside hacker attempts to 
control your computer.
  (2) Updating software and operating systems with the most recent 
patches from the manufacturer.
  (3) Refusing to provide personal information to unknown, online 
sources.
  (4) Using strong passwords that contain at least 8 characters that 
include numerals and symbols.
  (5) Backing up computer files.
  (6) Educating kids on how to safely use the Internet, and teaching 
them not to give out personal information.
  I hope that Cyber Security Awareness Month will encourage 
governments, businesses and individuals to take steps to improve the 
security of their computer systems, and I urge my colleagues to support 
this important initiative.
  Mr. THOMPSON of Mississippi. Mr. Speaker, I rise to speak about 
``National Cyber Security Awareness Month.''
  In this age of telecommunications, never before has it been easier 
for people around the globe to communicate, do business, and learn from 
one another. With the Internet, we can pay our bills, converse 
electronically with each other in real time, and read millions of 
articles in almost every publication around the world.

[[Page H8817]]

But while the Internet presents us with great opportunities, it also 
imposes great challenges. As we become increasingly reliant on 
technology to assist us in our daily lives, we must also increase our 
vigilance in protecting that technology from those who wish to use it 
for malevolent purposes.
  Individuals should follow some simple, basic steps to protect 
themselves and their personal information when they use the Internet. 
Using strong passwords, anti-virus software, and firewalls are all ways 
to self-secure one's online information. Furthermore, online consumers 
must be particularly careful about whom they are dealing with to ensure 
that their information does not wind up in the wrong hands.
  While there are many things that individuals should do to protect 
themselves, our federal government must also remain vigilant in 
protecting our nation's electronic infrastructure. Across America, 
millions of people rely on computerized control systems to provide 
electricity, monitor oil pipelines, distribute water, and harness 
nuclear power. Though many of these systems are secure, terrorists and 
hackers presently seek to infiltrate vulnerable computers to wreak 
havoc and destroy our way of life. The results of a cyber attack 
against our nation's critical infrastructure could be incredibly 
damaging to our economy and may possibly result in significant losses 
of life.
  Led by the Department of Homeland Security, the federal government is 
aware of the harms of a cyber attack and is working to prevent any 
damaging attacks. But although our nation has thus far avoided becoming 
the victim of a significant cyber attack, we cannot be complacent. I 
commend the hard work by DHS to strengthen and secure our cyberspace, 
but encourage the agency to dedicate more time and resources to this 
issue.
  DHS as a whole has been slow in completing its critical 
infrastructure protection policies, an important goal in protecting 
America's cyberspace. In December 2003, President Bush issued 
Presidential Directive 7: Critical Infrastructure Identification, 
Prioritization, and Protection (HSPD-7) establishing a national policy 
for federal departments and agencies to prioritize critical 
infrastructure, including cyber-related infrastructure. DHS was charged 
with developing the National Infrastructure Protection Plan (NIPP) to 
serve as the guide for protecting infrastructure. The NIPP was due in 
December 2004. In February 2005, an ``Interim NIPP'' was issued, 
setting a deadline of November 2005 for the ``Final NIPP.'' According 
to the General Accounting Office, the ``Interim NIPP'' was incomplete: 
it lacked both national-level milestones and sector-specific security 
plans. The ``Final NIPP'' remains incomplete to this day.
  The GAO has also criticized DHS for failing to build better 
partnerships and information-sharing relationships between the public 
and private sectors to improve cyber security. Such partnerships are 
essential to effective coordination among all levels of government and 
between the public and private sectors. DHS has also failed to develop 
or deploy an effective analysis and warning system in the event of a 
cyber attack. This is an important step in preparing the country for 
cyber attack.
  Securing our cyberspace is not an obligation we can afford to delay. 
I encourage DHS to act quickly in addressing these issues, just as I 
encourage all Americans to take pro-active measures in protecting 
themselves online. Let's all recommit ourselves to protecting our 
personal information and our national cyber infrastructure during this 
``Month of Awareness'' and in the years ahead.
  Mr. WU. Mr. Speaker, I have no further requests for time, and I yield 
back the balance of my time.
  Mr. SMITH of Texas. Mr. Speaker, I have no further requests for time, 
and I yield back the balance of my time.
  The SPEAKER pro tempore. The question is on the motion offered by the 
gentleman from Texas (Mr. Smith) that the House suspend the rules and 
agree to the resolution, H. Res. 491.
  The question was taken.
  The SPEAKER pro tempore. In the opinion of the Chair, two-thirds of 
those present have voted in the affirmative.
  Mr. SMITH of Texas. Mr. Speaker, on that I demand the yeas and nays.
  The yeas and nays were ordered.
  The SPEAKER pro tempore. Pursuant to clause 8 of rule XX and the 
Chair's prior announcement, further proceedings on this motion will be 
postponed.

                          ____________________