TRENDING:

Bill Defines New NIST Infosec Tasks

House Panel OKs Cybersecurity Coordination and Awareness Act Eric Chabrow (GovInfoSecurity) • November 4, 2009    
Bill Defines New NIST Infosec Tasks
A House panel Wednesday approved a bill to increase the role of the National Institute of Standards and Technology in developing international cybersecurity technical standards.

If enacted as approved, the Cybersecurity Coordination and Awareness Act also would charge NIST with creating IT security awareness and education campaigns for the public, improving the interoperability of identity management systems to encourage more widespread use and developing an IT security checklist for agencies to use before acquiring IT wares.

The bill, approved by the House Subcommittee on Technology and Innovation, goes to the full Science and Technology Committee, where it could be combined with another measure that requires an agency-by-agency cybersecurity skills assessment. If approved by the full committee, the legislation would go to the House.

The responsibility of coordinating the government representation in international cybersecurity standards development is parsed among different agencies without any consistent policy, said Rep. David Wu., the bill's sponsor and subcommittee chairman. He cited testimony from witnesses at a hearing two weeks ago who said NIST, because of its extensive technical expertise and established relationships with international bodies, would be ideally suited to serve as the government's coordinator on international cybersecurity standards.

In creating a public IT security awareness and education campaign, Wu cautioned NIST to be careful on its use of technical language. He credited NIST as a great resource for technical standards and best practices, but criticized it for too often providing guidance that is too technical for the average user. "The dissemination of more user-friendly standards will help raise the base level of cybersecurity knowledge among individuals, business, education and government," he said.

NIST already performs work on identity management systems such as biometrics, but this bill will direct the agency to improve the interoperability of these systems to encourage more widespread use. "By focusing on the usability and privacy aspects of identity management," Wu said, this bill "will ensure that biometric and other systems will be accepted by the public because they will have confidence in the security of their personal information."

Previous
GRC Trends for 2010 - Chris McClean, Forrester Research
Next
CAG Consortium Set to List Automated Tools

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



Around the Network

David Derigiotis on the Complex World of Cyber Insurance
David Derigiotis on the Complex World of Cyber Insurance
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
Are We Doomed? Not If We Focus on Cyber Resilience
Are We Doomed? Not If We Focus on Cyber Resilience
Organization-Wide Passwordless Orchestration
Organization-Wide Passwordless Orchestration
Craig Box of ARMO on Kubernetes and Complexity
Craig Box of ARMO on Kubernetes and Complexity
Protecting the Hidden Layer in Neural Networks
Protecting the Hidden Layer in Neural Networks
Showing Evidence of 'Recognized Security Practices'
Showing Evidence of 'Recognized Security Practices'
The Persisting Risks Posed by Legacy Medical Devices
The Persisting Risks Posed by Legacy Medical Devices
Whistleblowing Brings Visibility to the Role of CISOs
Whistleblowing Brings Visibility to the Role of CISOs
Aité-Novarica's Cybersecurity Impact Award
Aité-Novarica's Cybersecurity Impact Award

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.