Friday, November 6, 2009

Cybersecurity Coordination Act

Earlier this week the Subcommittee on Technology and Innovation of the House Science and Technology Committee approved a committee draft of the Cybersecurity Coordination and Awareness Act. Since the bill has yet to be introduced it is still listed on the Committee web page at HR XXXX, but the Committee does now have a Committee Print of the bill available on its web site. On Monday I noted that this hearing might be of interest to the chemical security community because of potential impacts on control system security development. Now that I have had a chance to read the bill, I am not so certain that this will be important cyber security legislation especially for industrial control system (ICS) security. The only place that ICS are addressed is in an amendment to “Section 20 of the National Institute of Standards and Technology Act (15 U.S.C. 278g–3)” {§6(b)} that adds a requirement for the National Institute of Standards and Technology (NIST) to “carry out research associated with improving security of industrial control systems’’ {§20(e)(4)}. I would have hoped that NIST was already conducting or sponsoring the conduct of such research without having to be told to do so by Congress.

No comments:

/* Use this with templates/template-twocol.html */