On Thursday, April 26, 2012, the House is scheduled to consider H.R. 2096, the Cybersecurity Enhancement Act of 2011, under a suspension of the rules requiring a two-thirds majority for approval.  The bill was introduced on June 2, 2011, by Rep. Michael McCaul (R-TX) and referred to the Committee on Science and Technology, which held a mark up and reported the bill by voice vote on July 21, 2011.

H.R. 2096 would amend the Cyber Security Research Development Act and the National Institute of Standards and Technology to do the following:

• Provide strategic planning for cybersecurity research and development needs across the federal government;
• Reauthorize funding for established cybersecurity basic research and education grants at the National Science Foundation (NSF);
• Enhance NSF scholarships to increase the size and skills of the cybersecurity workforce;
• Repeal unused programs;
• Provide for an assessment of the federal government’s current and future cybersecurity workforce needs;
• Establish a university-industry task force to explore mechanisms and models for carrying out public-private cybersecurity research partnerships; and
• Strengthen research and development, standards development and coordination, and public outreach at the National Institute of Standards and Technology (NIST) related to cybersecurity. 

Six existing NSF grant programs in statute would be reauthorized for three years (FY13-FY15) in the bill.  Authorizations for these programs expired in 2007, but NSF has been utilizing appropriations to conduct them under their general authorities.

In FY10, NSF spent $148.6 million dollars on these activities.  H.R. 2096 would authorize these activities for FY13 at $140 million, a savings of $8.6 million (5.8 percent) over FY10 spending.  These activities would be flat-lined for FY14 and FY15, for a total authorization in the bill of $420 million, or $508 million less than the 111^th Congress’s version of the bill.

According to Committee Report 112-264, the purpose of H.R. 2096 is to improve cybersecurity in the federal, private, and public sectors through: coordination and prioritization of federal cybersecurity research and development activities; strengthening of the cybersecurity workforce; coordination of federal agency engagement in international cybersecurity technical standards development; and the reauthorization of cybersecurity related programs at the NSF and the NIST.

As our reliance on information technology expands, so do our vulnerabilities.  Protecting the nation’s cyber infrastructure is a responsibility shared by different federal agencies, including the NSF and the NIST.

Based on information from NSF and NIST and assuming appropriation of the necessary amounts, CBO estimates that implementing H.R. 2096 would cost $382 million over the 2012-2016 period and $39 million after 2016.  Enacting the legislation would not affect direct spending or revenues; therefore, pay-as-you-go procedures do not apply.