Law may boost info security

ORLANDO, Fla. -- Information security should lead the list of considerations for new investments, and changing the law to require it may help agencies improve systems, a House subcommittee staff director said today.

The House Government Reform Committee's Technology, Information Policy, Intergovernmental Relations and the Census Subcommittee is looking at amending the language of the Clinger-Cohen Act of 1996 to mandate that information security and enterprise architecture be identified when making new investments, according to subcommittee staff director Bob Dix.

"Information security is a very, very risky business these days," Dix said, speaking today at the Information Processing Interagency Conference sponsored by the Government Information Technology Executive Council.

All stakeholders should be involved in securing critical systems, Dix said, adding that government officials can learn from the private sector's best practices. An information security working group, created by the subcommittee to include government, private-sector and security organizations, is examining ways to better protect critical systems.

Rep. Adam Putnam (R-Fla.), subcommittee chairman, drafted legislation last year that would have required publicly traded companies to follow and report on a list of security requirements. However, before the legislation was passed, Putnam formed a group to study whether companies can do the work on their own. The group is expected to present a list of recommendations for best practices and procurement practices to the chairman in two days, Dix said.

Included in the group's work is determining whether Clinger-Cohen should include language about information security. By meeting with technology companies, subcommittee officials found that the companies doing the best in information security are those regulated by law, Dix said

The federal enterprise architecture plays a leading role in moving the government into adopting a business model mentality, he said. Mapping investments to reference models in the architecture opens the door for information sharing and agency collaboration, Dix said.

"A lot of people on the Hill don't understand many of the issues in information technology, but this blueprint...is producing, or is about to produce, some pretty remarkable results," he said.

Featured

  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/Shutterstock.com)

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected