Bill summaries are authored by CRS.

Shown Here:
Reported to Senate amended (08/01/2002)

Cyber Security Research and Development Act - Authorizes appropriations to the National Science Foundation (NSF) and to the Secretary of Commerce for the National Institute of Standards and Technology (NIST) to establish new programs, and to increase funding for certain current programs, for computer and network security research and development and research fellowships.

(Sec. 4) Requires the NSF Director to award grants for computer and network security through: (1) basic research in innovative approaches to the structure of hardware and software; (2) multidisciplinary research centers of institutions of higher education (IHEs) or consortia thereof which may partner with government laboratories or for-profit institutions; (3) undergraduate and master's degree programs, as well as education-related grants under the Scientific and Advanced Technology Act of 1992; (4) graduate traineeships; (5) graduate research fellowships; and (6) trainership programs to enable graduate students to pursue academic careers in cyber security upon completion of doctoral degrees. Amends the National Science Foundation Act of 1950 to include among NSF functions leading in supporting research and education activities to improve networked information systems' security.

Amends the National Institute of Standards and Technology Act to require the NIST Director, through the Director of the Office for Information Security Programs, to establish a program of assistance to IHEs that enter into partnerships with for-profit entities to support research to improve the security of computer systems. Authorizes the Director to establish a program to award post-doctoral research fellowships, including senior fellowships, to individuals seeking research positions at institutions engaged in research activities related to the security of computer systems. Mandates that the Director require up to 50 percent of the costs of the funded project to be met by the entities involved. Provides for periodic program review, as well as a comprehensive review after five program years.

Requires the NIST Director to report to: (1) specified congressional committees identifying specific Federal agency benchmark standards that should be developed to serve as the basis for cyber security standards for Federal departments and agencies; and (2) the Secretary and the Chairman of the Federal Chief Information Officers council recommending benchmark security standards for Federal civilian departments and agencies. Requires such standards to be adopted and reviewed and updated at least every six months. Authorizes appropriations. Requires the Chairman to report to the appropriate congressional committees on the status of standards implementation.

Requires the NIST Director to arrange with the National Research Council of the National Academy of Sciences (NRC) to study and report to Congress on an examination of the impact of requiring Federal agencies to implement benchmark security standards on the state of national cyber security preparedness. Authorizes appropriations.

Establishes in NIST an Office for Information Security Programs, headed by a Director.

(Sec. 9) Authorizes appropriations to enable the Computer System Security and Privacy Advisory Board to identify emergency computer security issues, convene meetings, and disseminate information.

(Sec. 10) Requires NIST to carry out specified types of intramural computer security research.

(Sec. 11) Authorizes appropriations for NIST for programs authorized under this Act.

(Sec. 12) Requires the NIST Director to arrange with NRC to study and report to Congress on critical infrastructure weaknesses. Authorizes appropriations.

(Sec. 13) Requires the Office of Science and Technology Policy to develop strategies to foster greater coordination of Federal research and development activities and to promote cyber security cooperation between the Federal Government, IHEs, and private industry.