OMB mulls adding information security requirements to budget regs

The Office of Management and Budget is looking at ways to better incorporate security into agencies' funding requests for information technology systems, including revising regulations governing how agencies formulate their budgets.

At most agencies, security is added to information systems and architectures long after the technology is in place. That leaves agencies with vulnerabilities and management issues that cannot be solved unless security is built into the systems, said Glenn Schlarman, policy analyst at OMB's Office of Information Policy and Technology, speaking Tuesday in Falls Church, Va., at a conference sponsored by the General Services Administration's Office of Information Security.

"For the security of a system, [information security] fundingemust be woven into the funding of the [entire] system," he said.

To make security a more fundamental part of agency IT system development starting in fiscal 2001, OMB is studying ways to revise Circular A-11, the document regulating how agencies develop their budget estimates for the president.

"Security will, in all likelihood, be part of that next year," Schlarman said.

Many agencies have called on Congress and OMB to develop emergency or supplemental money for security, similar to the funding offered for solving last-minute Year 2000 problems. But that kind of approach is not going to work for something as broad and complex as information and systems security, Schlarman said.

"If we look at security as a standalone thing that requires a pot of money, then we miss the mark," he said.

Featured

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

  • Budget
    Stock photo ID: 134176955 By Richard Cavalleri

    House passes stopgap spending bill

    The current appropriations bills are set to expire on Oct. 1; the bill now goes to the Senate where it is expected to pass.

Stay Connected