Using the buying power

With a $60 billion annual investment in information technology, the federal government has significant purchasing power. And federal officials appear ready to wield it for cybersecurity. Officials from the Office of Management and Budget, the Homeland Security Department and the General Services Administration, for instance, are considering how to consolidate agency requirements for secure products and services and incorporate those into a governmentwide program called SmartBuy.

Observers inside and outside government see the National Institute of Standards and Technology as having an increasingly important role in setting standards for safely configured systems. "If you have an agreement on what a safely configured system is," said Alan Paller, director of research at the SANS Institute, "you can write it into your procurement documents that for every application the vendor has to test the application on a safe system."

Paller said agencies would spend less time and money learning how to configure their systems to be secure without breaking the applications that run on them. "There's a huge economic benefit."

Rep. Adam Putnam (R-Fla.), meanwhile, is not letting anybody off the hook. He's still trying to get the numbers he wants from OMB.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected