Wednesday, January 27, 2010

Cyber Security Bill to Rules Committee

The House Rules Committee web site announced this afternoon that they would be holding a hearing on H.R. 4061, the Cybersecurity Enhancement Act of 2009 next week. The Rules Committee web site has a link to the revised version of the bill that was supposed to have been reported by the House Science and Technology Committee. As of the 5:00 pm EST today that report had still not been submitted even though it was directed to be reported back in November. The Rules Committee has announced that they would be accepting proposed amendments through 5:00 pm EST on Monday, February 1st. The bill provides a number of provisions that are designed to increase the study of cyber security issues and establish standards to protect a variety of federal and critical infrastructure computer systems. Unfortunately, there is only one reference to industrial control systems in the entire bill. Section 110 of the bill amends Section 20 of the National Institute of Standards and Technology Act (15 U.S.C. 278g–3), requiring the NIST to conduct “research associated with improving security of industrial control systems”. There are a number of places in this legislation where there should be references to industrial control systems in general a chemical production systems in particular. The potential changes could include: In the findings section of the bill:
On page 4, line 5, after ‘petroleum production and distribution,’ insert “chemical production and distribution,” On page 5, line 9, after ‘reliable information technology’ and insert “, vigorous industrial control systems”.
In §103, the Cybersecurity Strategic Research and Development Plan:
On page 7, line 10, rewrite to the end of the line after ‘secure networking’ to read “, information technology systems and industrial control systems;”
In §106, the Federal Cyber Scholarship for Service Program:
Throughout the section substitute the term “cyber technology” where ever the term ‘information technology’ is found.
These changes will help to expand federally funded research on security issues for industrial control systems.

No comments:

/* Use this with templates/template-twocol.html */