Loudernet

By Grant Gross February 4, 2010 02:22 PM ET

IDG News Service – The U.S. House of Representatives has passed a bill that would authorize hundreds of millions of dollars in spending on cybersecurity research and education.

The Cybersecurity Enhancement Act would give $395 million to the U.S. National Science Foundation to fund several cybersecurity research projects between this year and 2014.

The NSF would also get $108.7 million over five years for a cybersecurity scholarship program, in which recipients would be required to serve as a cybersecurity professional in the U.S. government after graduating from college. Bachelor’s and master’s degree students could get up to two years of scholarship money, and doctoral students could get three years, but students would have to serve in the federal government for the same number of years they received scholarships.

The bill, which passed Thursday by a vote of 422 to 5, also requires U.S. agencies to work together to come up with a strategic research and development plan for cybersecurity needs, focused on “innovative, transformational technologies.” The bill also requires the White House Office of Science and Technology to convene a task force on how to collaborate with colleges and private business on cybersecurity research and development.

Rep. Daniel Lipinski, an Illinois Democrat and prime sponsor of the bill, said the bill is important because U.S. government Web sites are under constant attack. “Cybercrime is a problem for businesses large and small and for every single American,” he said on the House floor Wednesday.

U.S. House passes cybersecurity R&D bill

By Ellen Nakashima Thursday, February 4, 2010; A01

The world’s largest Internet search company and the world’s most powerful electronic surveillance organization are teaming up in the name of cybersecurity.

Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google — and its users — from future attack.

Google and the NSA declined to comment on the partnership. But sources with knowledge of the arrangement, speaking on the condition of anonymity, said the alliance is being designed to allow the two organizations to share critical information without violating Google’s policies or laws that protect the privacy of Americans’ online communications. The sources said the deal does not mean the NSA will be viewing users’ searches or e-mail accounts or that Google will be sharing proprietary data.

The partnership strikes at the core of one of the most sensitive issues for the government and private industry in the evolving world of cybersecurity: how to balance privacy and national security interests. On Tuesday, Director of National Intelligence Dennis C. Blair called the Google attacks, which the company acknowledged in January, a “wake-up call.” Cyberspace cannot be protected, he said, without a “collaborative effort that incorporates both the U.S. private sector and our international partners.”

But achieving collaboration is not easy, in part because private companies do not trust the government to keep their secrets and in part because of concerns that collaboration can lead to continuous government monitoring of private communications. Privacy advocates, concerned about a repeat of the NSA’s warrantless interception of Americans’ phone calls and e-mails after the Sept. 11, 2001, terrorist attacks, say information-sharing must be limited and closely overseen.

“The critical question is: At what level will the American public be comfortable with Google sharing information with NSA?“

said Ellen McCarthy, president of the Intelligence and National Security Alliance, an organization of current and former intelligence and national security officials that seeks ways to foster greater sharing of information between government and industry.

Google to enlist NSA to help it ward off cyberattacks.

The President of the United States is said by some to be the most powerful man in the world — but should he have control of the spread of information.

legislation proposed on April 1 is no joke. The proposed bill would grant President Obama the authority to shut down public and private networks — including the restriction of internet traffic — as part of a cybersecurity emergency plan.

The bill was introduced by West Virginia Democratic Sen. John Rockefeller and Sen. Olympia Snowe, a Republican from Maine. The aim of the bill is to unite both public and private network operators to develop regulations for what to do in case of a cyber attack.

For obvious reasons, many are concerned about what such power could mean if the wrong actions were taken. Leslie Harris, president and CEO at the Center for Democracy and Technology (CDT), said in a NetworkWorld story, “This is pretty sweeping legislation. Seems the President could turn off the Internet completely or tell someone like Verizon to limit or block certain traffic. There is a lot to worry about in this bill.”

While the public sector may be used to more government regulation and involvement, such control will undoubtedly bother corporations. CDT’s Harris added that regulatory rules could force companies to all conform to a similar system, which could hamper security and innovation. For example, if a critical security flaw was found in a mandated system, then the entire network could be susceptible to such a flaw.

Bill Allows Obama Power to Shut Down Internet – Tom’s Hardware