The Senate Commerce Committee has unanimously approved legislation that would award cash and non-cash prizes to winners of a national series of Cybersecurity Grand Challenges.
The Cybersecurity Competitions to Yield Better Efforts to Research the Latest Exceptionally Advanced Problems (CYBER LEAP) Act of 2020 aims to deliver “high-priority breakthroughs in cybersecurity by 2028” in five key areas:
- Economics of a cyber attack. Develop innovative ways to raise the cost to adversaries of launching cyber attacks.
- Cyber training. Improve Americans’ digital literacy and build a skilled cybersecurity workforce.
- Emerging technology. Advance cybersecurity knowledge of emerging technologies, such as artificial intelligence, quantum science, and communications technologies.
- Reimagining digital identity. Boost the online security and safety of U.S. internet users.
- Federal agency resilience. Reduce cybersecurity risks to government networks and systems and improve incident response.
Just ahead of the bill’s passing committee, an amendment from Mike Lee (R-UT) eliminated a clause allowing the Commerce Secretary to establish additional grand challenges.
The bill is sponsored by Commerce Committee chairman Roger Wicker (R-MS) and Senators Cory Gardner (R-CO) and Jacky Rosen (D-NV). There’s no certainty that the bipartisan legislation will gain Congressional approval. It has moved out of Committee to the Senate floor where it will remain pending a floor vote. “This legislation would help foster innovation and collaboration as the public, private, and academic sectors work together to address the cybersecurity challenges of our time,” said Gardner. “We all must work together to protect our critical infrastructure and personal information.”
The grand challenges idea sprung from recommendations to improve the nation’s cybersecurity profile contained in the National Security Telecommunications Advisory Committee’s (NSTAC) November 2018 report on a “Cybersecurity Moonshot.” The NSTAC adopted the term from the National Aeronautics and Space Administration’s Apollo program’s project to send a man to the Moon following President Kennedy’s May 1961 address to a joint session of Congress. The NSTAC report was spearheaded by Palo Alto Networks and Unisys with working groups composed of tech titans AT&T, CenturyLink, Dell, Forescout, McAfee, Microsoft, Neustar, Raytheon and others with representation from the Department of Homeland Security and the National Security Agency.
In other federal agencies, similarly constructed challenges have resulted in contract awards. For example, ForAllSecure, a Palo Alto, CA-based cybersecurity startup focused on locking down critical software, in early May won a $45 million award from the Defense Innovation Unit to test cybersecurity on the Defense Department’s weapon systems applications.
In carrying out the grand challenges, the Commerce Secretary is to collaborate with the National Science Foundation; the Cybersecurity and Infrastructure Security Agency; the Defense Advanced Research Projects Agency; the Office of Science and Technology Policy; the Office of Management and Budget; the General Services Administration; the Federal Trade Commission; and, the heads of other federal agencies if appropriate. The grand challenges must begin six months after the bill is enacted.