Putnam seeks industry emphasis on info security

If companies don't incorporate information security best practices into their planning and management, the House of Representatives' technology leader says he will try to make them do it.

"While I would clearly prefer an option that did not require a legislative initiative to address this matter as a management issue and incorporate fundamental 'best practices' into information security planning, I have prepared a draft bill that would require an annual information security risk assessment by publicly traded companies," Rep. Adam Putnam (R-Fla.) wrote in an Oct. 30 letter to the Information Technology Association of America.

Putnam, chairman of the House Government Reform Committee's Technology, Information Policy, Intergovernmental Relations and the Census subcommittee, outlined his concern that companies are treating security as just a technology issue and not a corporate one. The Federal Information Security Management Act (FISMA) of 2002 fostered an emphasis on best practices at federal agencies, but there is no similar across-the-board oversight for the private sector.

The draft Corporate Information Security Accountability Act has gone through several experts in the private sector and, so far, has received positive responses and suggestions, Putnam said. In addition, however, he has organized a working group to work with the subcommittee staff on the draft and to look at potential alternatives to legislation.

The Business Software Alliance last month released a white paper with the beginnings of a security governance framework for the private sector, drawing from FISMA and other security guidance. Officials are hoping to expand on that framework, working with other industry organizations.

Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.