[Congressional Record: October 17, 2002 (Senate)]
[Page S10608-S10609]
From the Congressional Record Online via GPO Access [wais.access.gpo.gov]
[DOCID:cr17oc02-214]
THE CYBER SECURITY RESEARCH AND DEVELOPMENT ACT
Mr. ALLEN. Mr. President, I rise today to thank my colleagues for
their unanimous support for S. 2182, the Cyber Security Research and
Development Act. I share the concerns and worries of Senator Bond and
Senator Grassley on many pieces of legislation and important matters
that have not been passed due to various obstructions and problems.
However, I am here to say we actually have done something very
constructive which will soon be helping our country, and that is the
passage of the Cyber Security Research and Development Act.
An extraordinary amount of hard work that went into this legislation.
I thank my colleague from Oregon, Senator Wyden, for his leadership and
continued work in pushing this important measure through the
legislative process.
Our bill, S. 2182, addresses the important issue of cyber and
computer security. It is a truly historic piece of legislation because,
for the first time, it assures and solidifies the Federal Government's
commitment to basic, fundamental, long-term research in computer
security as well as much needed graduate and postgraduate doctoral
fellowships in computer security.
America must act now to protect our security on many fronts. As our
reliance on technology and the Internet has grown over the past decade,
our vulnerability to attacks on the Nation's critical infrastructure
and network systems has also grown exponentially. The high degree of
interdependence between information systems exposes America's network
infrastructure to both benign and destructive disruptions.
Such cyber-attacks can take several forms, including the defacement
of Web sites, denial of service, virus infection throughout the
computer network, and the unauthorized intrusions and sabotage of
systems and networks resulting in critical infrastructure outages and
corruption of vital data. These are just some examples of the problems
that could arise and have previously arisen.
In fact, we have seen past attacks, such as the Code Red virus, that
show the types of dangers and potential disruption cyber-attacks can
have on our Nation's infrastructure. The cyber-threats before this
country are significant and are, unfortunately, only getting more
complicated and sophisticated as time goes on.
A survey last year by the Computer Security Institute and the FBI
found that 85 percent of 538 respondents experienced computer
intrusions. Carnegie Mellon University's Computer Emergency Response
Team (CERT) Coordination Center, which serves as a reporting center for
Internet security problems, received 2,437 vulnerability reports in
calendar year 2001, almost six times the number that were reported in
1999, just 2 years previously. Similarly, the number of specific
incidents reported to CERT exploded from 9,589 in 1999 to 52,658 in
2001. Again, in 1999, about 9,500, to 52,000-plus incidents reported
just 2 years later.
What is alarming is that CERT estimates that these statistics may
represent only 20 percent of the incidents that have actually occurred.
A recent public opinion survey indicates that over 70 percent of
Americans are concerned about computer security and 74 percent are
concerned about terrorists using the Internet to launch a cyber-attack
against our country's infrastructure. One survey shows that half--
half--of all information technology professionals believe a major
attack will be launched against the Federal Government in the next 12
months. Indeed, cyber-security is essential to both homeland security
and national security. The Internet's security and reliability support
commerce and information transfer of vital data in our economy, they
support our critical infrastructures and, obviously, systems that
protect our national defense. At a time when uncertainty threatens the
confidence of our Nation's preparedness, the Federal Government needs
to make the information and cyber-security issue a top priority.
Currently, federally funded research on cyber-security is less than
$60 million a year. Experts believe that fewer than 100 U.S.
researchers have the experience and expertise to conduct cutting-edge
research in cyber-security. In this past academic year, there were
fewer than 30 U.S. citizens enrolled in Ph.D. cyber-security programs.
Our legislation will encourage the kind of research and programs that
will motivate students to pursue Ph.D. degrees in cyber-security
because students will have the opportunity to receive research grants
with the National Science Foundation.
The Cyber Security Research and Development Act will play a major
role in fostering greater research in methods to prevent future cyber-
attacks and design more secure networks. Our legislation will harness
and link the intellectual power of the National Science Foundation, the
National Institute of Science and Technology, our Nation's
universities, and the most creative minds in the private sector to
develop new and improved computer cryptography and authentication,
firewalls, computer forensics, intrusion detection, wireless security,
and systems management.
In addition, our bill is designed to draw more college undergraduate
and graduate students into the field of cyber-security research.
It establishes programs to use internships, research opportunities,
and better equipment to engage students in this field. America is a
leader in the computer hardware and software development fields. To
preserve America's technological edge, we must continue to have new
students involved in computer science study and research.
S. 2182 highlights the role the Federal Government will play in
helping prepare and prevent against cyber-attacks, but only if we can
ensure the cutting edge research and technology funded in this
legislation is made commercially available. Clearly, there is an urgent
need for the private sector, academic, and individual users, as well as
the Federal and State governments, to deploy innovative security
measures.
I am confident the Federal investment for long-term projects outlined
in this legislation will yield significant results to enhance the
security and reliability of cyberspace.
I am glad to see the Senate, in a rare moment in these last few weeks
and months, has come together and passed this important legislation.
Again, I thank my colleague from Oregon, Senator Wyden, for his
leadership. I have enjoyed working with him on successful passage of
this positive and constructive legislation that will improve the
security of Americans.
I am also grateful to the ranking member of the Judiciary Committee,
Senator Orrin Hatch of Utah, who thoughtfully suggested we add an
assurance that the grants provided in this legislation will go to
individuals who are in full compliance with all immigration laws.
I thank all my colleagues. It was a good team effort. In the future,
our Internet and our cyber-security will be stronger for it.
I ask unanimous consent to print the following letter in the Record.
There being no objection, the material was ordered to be printed in
the Record, as follows:
[[Page S10609]]
Business Software Alliance
October 17, 2002.
Sen. Ron Wyden,
Chairman,
Sen. George Allen,
Ranking Member,
Subcommittee on Science, Technology & Space, Committee on
Commerce, U.S. Senate, Washington, DC.
Dear Chairman Wyden and Ranking Member Allen: We are
writing to express our support of the Business Software
Alliance (BSA) and the Information Technology Association of
America (ITAA) for S. 2182, the Cyber Security Research and
Development Act, and to urge quick Senate passage of the
bill.
Our associations represent the world's leading research-
based software and hardware developers and manufacturers. As
builders of many of the products, networks and systems that
power the world's information infrastructures, and of the
leading security tools used to protect them, our members are
extremely committed to cyber security.
S. 2182 authorizes federal expenditures on fundamental
basic, long-term research into computer security, as well as
much-needed graduate and post-doctoral fellowships in
computer security. The bill complements the hundreds of
millions of dollars spent each year by the information
technology industry on cyber security R&D. Government-funded
research, undertaken in close partnership with industry, is a
critical component of an effective government strategy to
advance cyber security, and we commend your efforts to
further the Federal Government's work in this area.
We also appreciate the efforts you and your staffs have
undertaken to address concerns that were raised by industry
earlier in this process with regard to provisions of the
legislation pertaining to Federal computer systems. Your
receptivity to these concerns has resulted, in our view, in a
stronger bill, and we commend you for your efforts in this
regard.
We are pleased to offer you our support of this legislation
and to encourage its swift passage by the full Senate.
Sincerely,
Robert W. Holleyman II,
President and CEO,
Business Software Alliance (BSA).
Harris N. Miller,
President,
Information Technology Association of America (ITAA).
The PRESIDING OFFICER (Mr. Corzine). Who yields time?
The Senator from Hawaii.
____________________
Copyright © 1999-2002 American Immigration LLC, ILW.COM
|
Add to del.icio.us