Putnam seeks industry emphasis on info security

If companies don't incorporate information security best practices into their planning and management, the House of Representatives' technology leader says he will try to make them do it.

"While I would clearly prefer an option that did not require a legislative initiative to address this matter as a management issue and incorporate fundamental 'best practices' into information security planning, I have prepared a draft bill that would require an annual information security risk assessment by publicly traded companies," Rep. Adam Putnam (R-Fla.) wrote in an Oct. 30 letter to the Information Technology Association of America.

Putnam, chairman of the House Government Reform Committee's Technology, Information Policy, Intergovernmental Relations and the Census subcommittee, outlined his concern that companies are treating security as just a technology issue and not a corporate one. The Federal Information Security Management Act (FISMA) of 2002 fostered an emphasis on best practices at federal agencies, but there is no similar across-the-board oversight for the private sector.

The draft Corporate Information Security Accountability Act has gone through several experts in the private sector and, so far, has received positive responses and suggestions, Putnam said. In addition, however, he has organized a working group to work with the subcommittee staff on the draft and to look at potential alternatives to legislation.

The Business Software Alliance last month released a white paper with the beginnings of a security governance framework for the private sector, drawing from FISMA and other security guidance. Officials are hoping to expand on that framework, working with other industry organizations.

Featured

  • Federal 100 Awards
    Federal 100 logo

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

Stay Connected