Last Tuesday Rep. Bono-Mack (R,CA) introduced HR 4263, the “Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology (SECURE IT) Act of 2012. While this bill has the same title as S 2151 and the language is nearly identical for large portions of the bill, there are a large number of not so subtle differences between the two bills.
First off there are a large number of relatively wording changes between the two bills. Most of these changes are insignificant and will be of interest only to legal scholars and lawyers arguing civil cases involving cybersecurity matters.
There are a number of significant additions in this bill not found in S 2151. They include grant funding provisions (revised § 413), minor cloud computing provisions (new § 404), the creation of a cybersecurity university-industry task force (new § 405), the establishment of requirements of cybersecurity automation and checklists for government systems (new § 414) and the establishment of an NIST cybersecurity research program (new § 415).
One thing this new bill does is to provide actual continuing funding authority for a number of cybersecurity grant programs over the next three fiscal years. Section 413 is completely re-written (from the S 2151 version) and it now provides funding for:
• Computer and Network Security Research Grants [$90,000,000/year]
• Computer and Network Security Research Centers [$4,500,000/year]
• Computer and Network Security Capacity Building Grants [$19,000,000/year]
• Scientific and Advanced Technology Act Grants [$2,500,000/year]
Of course there is no mention of where the money will come from for these grants. That will have to be worked out before this bill could come to the floor under House Rules.