as prepared for delivery
Thanks to CCIA and Ed Black for having me here today. I’ll begin with an overview of the Science and Technology Committee’s jurisdiction on IT and telecom-related issues and with the merging of technologies. For example, I’m not sure whether an I-phone should best be described as a telephone or a mini-computer. So in my remarks this morning, I don’t intend to make an obsolete distinction between IT and Telecom issues; instead, I’ll consider the technological landscape our integrated IT/telecom network.
The Science and Technology Committee does not produce legislation which results in regulation. That’s the role of the Energy and Commerce Committee, of which I am also a member. But the Science Committee does have jurisdiction over the National Science Foundation, the National Institute of Standards and Technology, and the Science and Technology Directorate of the Department of Homeland Security, all of which are fundamental to the success of your companies. Together, they support activities that lead to the development of new products and keep our networks secure, operational and interoperable.
NIST, working with industry, develops the technical standards that allow our networks to work fluidly. Many of the companies that you represent work closely with NIST on these technical standards. NIST is not a Johnny-come-lately to the IT field. Back in 1950, NIST engineers built the world’s fastest computer. It was also the first to use transistors rather than vacuum tubes. Since then, NIST has played a key role in the evolution of IT technologies and the growth of the industry. NIST has an important role to play in networked systems security. The Computer Security Act of 1988 specifies that NIST is responsible for the security of all unclassified federal IT systems. It does this by issuing Federal Information Processing Standards which are used by Federal Agencies and Industry. The best known is the Digital Encryption Standard, the “gold standard” for both the Federal Government and the private-sector.
NSF also plays a critical role in supporting fundamental university research in the field of cyber security. The NSF budget for cyber security alone is more than $100 million per year. This academic support helps our workforce development, and it generates the knowledge that will form the base for a new generation of IT technologies.
DHS supports research and evaluation of IT and telecom activities related to cybersecurity at levels over $200 million per year. Essentially, DHS builds upon and is the enforcer of the work of NIST and NSF.
These three agencies will be at the center of issues the Committee will focus on during the next six months.
But before I look ahead, let me mention a bill we recently reported out of Committee last week - H.R. 2020, the Networking and Information Research and Development Act. NITRD represents a $3.5 billion investment in R&D in information technology. We strengthened the program by promoting university/industry partnerships and ensuring the research program is informed by industry needs.
Moving ahead, we have cyber security in front of us. The administration has just completed a 60-day National Cyberspace Policy Review to assess cyber policy and structures. This review is due to be released in the next few days. The committee has tentatively scheduled a hearing, asking NIST, NSF, and DHS to explain their role in implementing the 60-day review. This hearing will be the first to put some flesh on the bones of the Administration’s vision for a secure and resilient cyber network. This could not be more important as the success of two of the president’s initiatives –healthcare IT and smart grid – depends on a secure and interoperable IT network, and these are also committee priorities. Following this initial hearing, the committee will proceed with a series of hearings to ask industry representatives and independent experts to comment on and assess the cyber-related activities at NSF, DHS, and NIST. The purpose of these hearings is to develop legislation that will improve network security through a non-regulatory approach based on the common interests of industry, the public and the government.
The Committee will also be reviewing two related issues in our jurisdiction.
The American Recovery and Reinvestment Act included significant funding for the deployment of broadband. One issue that has come to my attention is Internet congestion. Today our network is a complicated pipe system of many different diameters, or speeds. As we all know from sitting in traffic or from the plumbing in our homes, the speed of the overall system is determined by choke points. It is time to understand the choke points our IT/telecom system has and ways to manage the flow of information on our network to ensure that the federal investment in broadband deployment is fully optimized. Broadband could revolutionize the delivery of healthcare, education and economic development, but there are obstacles to overcome.
The digital divide is real, and it exists in my district in Tennessee. I represent some of the wealthiest areas in Tennessee and some of the poorest and most rural. I regularly hear from owners of small businesses in my district who fear they’re going to lose their businesses because they can’t get access to broadband. That’s why the committee will be holding hearings to identify any technical impediments to fully reaping the benefits of broadband deployment.
There is one final topic I would like to mention. International Technical Standards and Testing have become an increasingly important component of competitiveness and safety. As we learned from the Wireless Authentication and Privacy Infrastructure Protocol, China was pursuing a technical standard strategy for their economic benefit and the U.S. was so slow to respond that the issue reached a crisis point for the our nation’s IT/telecom industry. This event highlighted the lack of a coordinated U.S. government approach to dealing with international standards issues. I have been discussing with Secretary Locke the need for a focal point within the federal government to coordinate national standards policy. I believe that NIST is well-suited to fulfill this role.
I have been working on cyber security issues for more than 10 years, and I recognize the work your companies do will be critical to U.S. advances in health care, energy and other fields. The government and the private sector share the goal of having a safe and secure network, but one of the downfalls has been the philosophy of “I’m from the federal government, and I’m here to help.” This approach has not improved cyber security at any level. It’s time to realize that maintaining a secure and interoperable network requires a true partnership between federal government and industry.
And that will be the approach taken by the Committee. When I became chairman of the Science and Technology Committee, I wanted it to become the committee of good ideas and consensus. We have an open door policy, and if you have good ideas, we welcome your suggestions. Thanks for having me here today, and thanks for all you do. I look forward to working with all of you to make our partnership stronger.