(Washington, DC) – Today, the Committee on Science and Technology’s Subcommittee on Research and Science Education held a hearing to explore federal cyber security R&D. Specifically, the hearing examined the priorities and gaps in the cyber security research portfolio to determine how effective federal programs are at addressing our nation’s existing security concerns and future threats.
“Last year, the Pentagon reported more than 360 million attempts to break into its network,” said Subcommittee Chairman Daniel Lipinski (D-IL). “Cybercrime is a problem for businesses large and small, and for every single American. The FTC estimates that identity theft costs consumers about $50 billion annually, and that, even more alarmingly, it’s the fastest growing type of fraud in the United States. Improving the security of cyberspace is of the utmost importance and will require a collective effort by the federal government, the private sector, our scientists and engineers, and every American.”
Information technology (IT) has drastically changed the way we live our lives. IT provides people with new ways to communicate, do business, and complete daily tasks more efficiently and effectively. Along with this increased connectivity and productivity comes a heightened concern about the adequacy of our cyber security measures. Due to these concerns, Subcommittee Members questioned witnesses regarding the effectiveness of cyber security training programs.
“In order to realize the full benefits of information technology, we need advances in cyber security R&D,” Lipinski stated. “Cyber threats are constantly evolving and cyber security R&D must evolve in concert through a combination of near-term fixes and long-term projects that build a more secure foundation. People are perhaps the most important part of our IT infrastructure. Better cyber security education for both the general public and for current and future IT professionals is vital.”
Witnesses emphasized the importance of social science to understanding online behaviors, such as the decisions behind creating passwords and downloading files.
In 2007, due to a cyber attack on an American retailer, the personal information of 45 million credit and debit card holders was compromised. Cyber attacks have steadily increased over the past decade and many companies avoid reporting incidents out of fear of the impact on their stock price and the possibility of future attacks. Typically, firms hit by a cyber attack observe a 1 to 5 percent decline in their stocks – a loss of $50-$200 million for large companies.
“I am glad that the president is taking an active role, and there is no doubt in my mind that Administration leadership will help better define and prioritize cyber-threats, coordinate the Federal response, and develop effective partnerships with the private sector that will further cyber security R&D,” Lipinski added.” As Chairman of this Subcommittee, I look forward to working with my colleagues and the Administration to ensure the development of a strong cyber security strategy.”
The Committee will play a key role in improving cyber security.
Scheduled hearings on cyber security include:
- On June 16, the Technology and Innovation Subcommittee and the Research and Science Education Subcommittee will discuss the Administration’s Cyberspace Policy Review report with relevant agencies.
- On June 25, the Technology and Innovation Subcommittee will assess the cyber security efforts of the Department of Homeland Security (DHS) and the National Institute of Standards and Technology (NIST).