We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Procedures

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What is the Computer Security Act of 1987?

By Dale Marshall
Updated: May 16, 2024
Views: 9,542
Share

The Computer Security Act of 1987 was enacted by the United States Congress in 1987 in an early attempt to establish standards for the security of the new generation of computers owned by the national government. Another objective of the act was to give legislative recognition to the idea that there exists a kind of information that didn’t qualify as “secret,” yet deserved safeguarding on the nation’s computer systems. Giving effect to that recognition by establishing security protocols and training to work with and safeguard it was the bulk of the Computer Security Act of 1987, as well as naming a single federal entity, the National Bureau of Standards, to oversee and coordinate these efforts throughout the federal government

In the early 1980s, what were then called personal computers were acknowledged as powerful tools, and the world wide web was still in its formative stages, but the full potential and vulnerabilities of computers had only been guessed at. The federal government was already a major user of desktop computers, both standalone and networked, but there was no central authority responsible for overseeing security and training issues; instead, responsibility for federally-owned computers, and the information they stored, was divided haphazardly among three agencies. Setting computer security policy for the federal government was the responsibility of the Office of Management and Budget, and the Commerce Department had responsibility for setting processing and computing standards of computers purchased by the government. The National Security Agency (NSA), in turn, was charged with securing classified information on federal computers. Coordination of efforts among these three agencies was nonexistent, and turf wars were common.

In 1984, President Ronald Reagan signed a directive that created a structure within which the NSA, Department of Defense (DoD) and the National Security Council had significant responsibilities in developing computer security standards, but their activities appeared to commingle civilian and defense matters, as well as jeopardize civilian access to government records. Reagan’s order was rescinded during hearings on the Computer Security Act of 1987, which were held because of failure to pass legislation in 1985 that was intended to assign to the National Bureau of Standards the job of developing and enforcing security standards for federal computers.

The Computer Security Act of 1987 addressed four specific areas. First, it established a new level of security classification: "sensitive," which was given to information that should be safeguarded but didn’t rise to the level of “secret.” Second, it required the development of uniform security policies and practices for federal computer systems that held sensitive material, as well as the identification of those systems. Third, the act called for the uniform standards of training for personnel assigned to operate those systems. The Act finally assigned to the National Bureau of Standards the task of developing minimum acceptable standards for the security of all federal computers and computer systems, with the assistance of the NSA. The object of numerous hearings and revisions, the Computer Security Act of 1987 was finally superseded by the Federal Information Security Management Act of 2002.

Share
MyLawQuestions is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Discussion Comments
Share
https://www.mylawquestions.com/what-is-the-computer-security-act-of-1987.htm
Copy this link
MyLawQuestions, in your inbox

Our latest articles, guides, and more, delivered daily.

MyLawQuestions, in your inbox

Our latest articles, guides, and more, delivered daily.