Congress continues to hammer agencies on computer security

Members of Congress are continuing to push federal agencies to improve the security of their computer systems.

This week, the House will consider H.R. 2413, a bill aimed at standardizing security efforts. After hacking into several agencies' computer systems, the General Accounting Office recently gave the federal government an overall grade of "D-minus" for its computer security efforts.

The bill amends the Computer Security Act of 1987, which established the National Institute of Standards and Technology (NIST) as the authority over computer and communication security standards in federal agencies.

The new legislation expands NIST's reach, giving it responsibility for setting new security standards. The bill also increases NIST's role on the Computer System Security and Privacy Advisory Board, an independent group composed of representatives from the private and public sectors.

NIST would get an additional $7 million in fiscal year 2001 and $8 million in fiscal year 2002 in the bill, and an additional $1 million would be set aside over the fiscal year 2001 to 2002 period for grants to college students for research on computer security.