[Congressional Record Volume 156, Number 17 (Thursday, February 4, 2010)]
[Extensions of Remarks]
[Pages E162-E163]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




                 CYBERSECURITY ENHANCEMENT ACT OF 2009

                                 ______
                                 

                               speech of

                         HON. CHRIS VAN HOLLEN

                              of maryland

                    in the house of representatives

                      Wednesday, February 3, 2010

       The House in Committee of the Whole House on the State of 
     the Union had under consideration the bill (H.R. 4061) to 
     advance cybersecurity research, development, and technical 
     standards, and for other purposes:

  Mr. VAN HOLLEN. Madam Chair, I rise in support of H.R. 4061, the 
Cybersecurity Enhancement Act of 2009.
  I'd like to thank Representative Lipinski, Chairman Gordon and 
Ranking Member Hall for crafting this important piece of bi-partisan 
legislation.
  Cybersecurity is a critical issue in a world with increasing reliance 
on information systems. So much of our personal lives, from bank 
accounts to medical records are online. And much of our world, from 
traffic signals to water purification, operate with industrial control 
systems that are vulnerable to hacking. Indeed, a Wall Street Journal 
article in April of this year reported that cyberspies had penetrated 
the U.S. electrical grid and left behind potentially-disruptive 
software programs and, more recently, the Chinese government was 
accused of being behind a number of cybersecurity attacks which 
targeted U.S. networks, including a breach of Lockheed Martin's F-35 
fighter development program.
  Congress takes this growing threat to the Nation's cyber network 
seriously and has gathered here today to consider a bill designed to 
harness relevant U.S. government resources into a coordinated approach 
to the problem.
  The Cybersecurity Enhancement Act of 2009 authorizes $395 million for 
the National Science Foundation programs aimed at improving 
cybersecurity research--$69 million in FY 2010, $73.5 million in FY 
2011, $79 million in FY 2012, $84 million in FY 2013, and $90 million 
in FY 2014. It reauthorizes existing research and development programs 
and includes ``identity management'' as a new supported research area.
  The bill reauthorizes cybersecurity workforce and traineeship 
programs at NSF, as well as cybersecurity research program, and 
authorizes $609 million in FY 2010 through FY 2014, and $319 million 
after FY 2014, for NSF programs.
  A key player in the Nation's cybersecurity effort will be National 
Institute of Standards and Technology, which has already done 
pioneering work in information security. I am proud to have NIST in my 
Congressional district.
  This measure places a number of new requirements on NIST, which is 
responsible for

[[Page E163]]

setting cybersecurity standards for nonclassified Federal networks. 
Among its many important provisions is a requirement for NIST to 
develop a coordinated plan for U.S. involvement in the development of 
international cybersecurity technical standards that ensures adequate 
U.S. Government representation; the bill requires NIST to develop a 
cybersecurity awareness and education program that would disseminate 
best practices and technical standards for individuals, small 
businesses, state and local governments, and educational institutions; 
NIST is required to engage in research and development programs to 
improve identity management systems, which include health information 
technology systems; and, NIST is required to establish technical 
standards to improve interoperability, authentication methods, privacy 
protection, and usability of identity management systems.
  The bill authorizes $30 million in FY 2010 through FY 2014 for these 
programs.
  According to the Office of Management and Budget and The Government 
Accountability Office, despite spending an estimated $6 billion a year 
protecting nearly $72 billion in information technology infrastructure 
and more than $350 million in cybersecurity research and development 
each year, U.S. information technology infrastructure remains 
vulnerable to attacks, and agencies tasked with its protection are not 
fulfilling their responsibilities.
  Dennis Blair, the director of national intelligence, told members of 
the Senate Select Intelligence Committee yesterday, that ``in the 
dynamic of cyberspace, the technology balance right now favors 
malicious actors rather than legal actors, and is likely to continue 
that way for quite some time.''
  Madam Chair, this bill and the important amendments we will also 
consider today are part of Congress's ongoing efforts to meet this 
growing challenge to the cyber and national security infrastructure of 
the country. I encourage my colleagues to join me in supporting the 
bill.

                          ____________________