Sunday, February 7, 2010 — Cybersecurity. It is a word that didn’t exist just a few short years ago and something that may not seem important to your everyday life or national security. However, nothing could be further from the truth.

Cybersecurity failures pose one of the most serious risks to our national and economic security. We bank online. We shop online and renew our vehicle registration online. Federal agencies and small businesses alike do business online. Yet, more often than not, we don’t take time to consider what types of safeguards have been put in place to protect us from breaches in our information infrastructure.

This week, Congress passed the Cybersecurity Enhancement Act which reauthorizes and expands the Cyber Security Re-search and Development Act of 2002. This bill requires the National Inst-itute of Standards and Technology to develop and implement a plan to ensure coordination within the federal government in regards to developing a set of international cybersecurity technical standards. The bill calls for the development of cybersecurity awareness and education programs and more investment in research and development.

I believe this is important legislation as we respond to these new types of threats to our national, financial and personal security.

As part of the bill, I introduced an amendment that directs the National Sci-ence Foundation Director to include language in the Computer and Network Security Capacity Building Grants mission to highlight the importance of curriculum on the principles and techniques of designing secure software. The amendment is a critical step in addressing the needs to include secure software curriculum in computer science programs.

Glitches and defects in software account for more than 75 percent of the top 20 security risks. The spirit of the amendment is to drive more investment toward this critical need in computer science programs and stop problems before they start.

UNC Charlotte is at the forefront of this important area of cybersecurity. Dr. Steve Mosier, UNC Char-lotte vice chancellor for Research and Federal Rela-tions, says educating software developers in secure software development is a game changer in addressing security threats. He is quick to point that a single defect in a software application can defeat some of the most sophisticated security defenses in which we have invested.

Mosier and I both agree that implementing a strong curriculum in secure software development in undergraduate computer science programs will lead to a stronger and more effective cybersecurity future as grad/post grad students will have a better foundation on which to base their secure software development. It is estimated that most computer science majors graduate without knowing the basics of secure coding and secure engineering practices. Most university computer science programs do not have curriculum in place to teach secure software development. This is stunning to me.

Our world is changing, and becoming more technology-based all the time. We must be willing to change with it, and be prepared to respond to the new threats that advancing technology will pose. Invest-ment in secure software development and cybersecurity are essential to our information infrastructure’s security.

We’ve all heard the stories of banks and corporations being hacked and know someone who has been the victim of identity theft. With private industry, financial institutions and government agencies, not to mention our personal privacy, all at risk for cyber breaches, it is imperative that we be proactive in developing ways to combat these risks.

I believe the Cybersecu-rity Enhancement Act is a positive move in the right direction for making our country’s information infrastructure more secure and I'm proud to have supported this important legislation this week.

 

Rep. Larry Kissell represents Stanly County and the 8th District in the U.S. House of Representatives.