By a voice vote, the U.S. House of Representatives agreed to the Cyber Security Research and Development Act (CSRDA), which hands colleges and universities about $900 million over the next five years to create security centers, recruit graduate students and pay for research.
The measure already has beenby the Senate, and will go to President Bush for his signature.
At a press conference after the vote, CSDRA's backers said the bill would help solve America's "cybersecurity" problems and convince more students to study related topics.
Harris Miller, president of the Information Technology Association of America (ITAA), said spending tax money was necessary because "academics do follow the money." Miller said the companies that are members of the ITAA "don't have the people--they need the training" to fill vacant tech jobs in the security field.
Eugene Spafford, co-chairman of the Association for Computing Machinery's U.S. chapter, said in a statement: "This long-term commitment is welcomed as it will enable research to develop new systems that are more resistant to attack and to better address the challenges of tomorrow."
Critics have called CSDRA a combination of pork barrel politics and corporate welfare. "Too much government involvement would represent a business handout and bad policy," said Wayne Crews, director of technology studies at the Cato Institute. "Just as the threat of terrorism has been exploited as a way of securing passage of other pet law-enforcement projects, the cybersecurity threat can also be an occasion for shifting to the government the costs of what are or should be private sector responsibilities."
After Bush signs the bill, CSRDA would, over a five-year period, give:
$275 million for post-doctoral research fellowships and senior research fellowships. This work must be "related to the security of computer systems."
$233 million for research grants in nine security-related areas. They include cryptography, privacy, wireless security, and "enhancement of law enforcement ability to detect, investigate and prosecute cybercrimes, including those that involve piracy of intellectual property."
$144 million over five years to set up Computer and Network Security Research Centers that will be designed to increase "the number and quality of computer and network security researchers and other professionals."
$95 million to give grants to colleges and universities to "establish or improve undergraduate and master's degree programs in computer and network security."
$90 million to create traineeship programs for graduate students who pursue computer and network security research.
$32 million for research designed to improve the security of networks and pay for "multidisciplinary, long-term, high-risk research on ways to improve the security of computer systems."
$25 million for traineeship programs to encourage graduate students "to pursue academic careers in cybersecurity upon completion of doctoral degrees."