|
Washington, D.C. – October 22, 2009 - Today the Subcommittee on Technology and Innovation held a hearing to review the recommendations made in the Cyberspace Policy Review pertaining to the National Institute of Standards and Technology (NIST) and the proposed reorganization of the NIST Information Technology Laboratory. The hearing was the Committee’s fourth on cybersecurity this year, and was intended to inform development of legislation later this year.
“NIST is a proven and trusted entity within the Federal government, the private sector, and around the world,” said Ranking Member Adrian Smith (R-NE). “It is also well-known for its excellence in advancing research and the fundamental science of computer security.” Smith noted that he welcomed the Committee’s review and consideration of potential additional or expanded activities at NIST to undertake, particularly in the context of NIST’s expertise and capabilities, and the growing importance of and emphasis on cybersecurity to the Federal government and the private sector.
Smith continued, “It is important we work to prioritize activities and identify those which provide the greatest security returns. Additionally, I think we should be careful to delineate what activities NIST should not undertake - particularly with respect to anything which could take on a regulatory nature, either directly or indirectly.”
The Cyberspace Policy Review, released by the Administration on May 29, recognized that the task of addressing cybersecurity concerns comprehensively would be a difficult process, owing to the number of federal departments and agencies involved with overlapping authorities.
Testifying today before the Subcommittee, Dr. Phyllis Schneck, Vice President of Threat Intelligence at McAfee, and Mr. Mark Bohannon, General Counsel and Senior Vice President of Public Policy at the Software & Information Industry Association, both emphasized specific actions that the government should avoid when tackling cybersecurity concerns.
“The government should not impose country-specific technology standards for cybersecurity, in particular standards developed by government agencies, except in narrowly tailored national security situations,” asserted Dr. Schneck.
Mr. Bohannon went on to urge the Committee “not to make NIST a ‘regulator’ of private sector actions.” Bohannon said that “NIST has effectuated its mission best through long-standing collaboration with the private sector. This collaboration has benefited not only government agencies, but also our nation’s infrastructure, innovation environment and competitive strength.”
The witness panel agreed that NIST should continue to play an important role in ensuring a standard that conforms to general practice.
The following witnesses also testified today before the Subcommittee:
Ms. Cita Furlani, Director of the Information Technology Laboratory, NIST;
Dr. Susan Landau, Distinguished Engineer, Sun Microsystems. She is a former member of the Commission on Cyber Security for the 44th Presidency and the NIST Information Security and Privacy Advisory Board;
Professor Fred Schneider, Samuel B. Eckert Professor of Computer Science, Cornell University and a current NIST Information Security and Privacy Advisory Board member; and
Mr. William Wyatt, Founder and CEO, SignaCert, Inc. He is formerly a member of the NIST Visiting Committee on Advanced Technology.
For more information on today’s hearing, or to read witness testimony, please visit the GOP Science and Technology Committee website.
###
111-75 |