Using the buying power
- By Florence Olsen
- May 03, 2004
With a $60 billion annual investment in information technology, the federal government has significant purchasing power. And federal officials appear ready to wield it for cybersecurity. Officials from the Office of Management and Budget, the Homeland Security Department and the General Services Administration, for instance, are considering how to consolidate agency requirements for secure products and services and incorporate those into a governmentwide program called SmartBuy.
Observers inside and outside government see the National Institute of Standards and Technology as having an increasingly important role in setting standards for safely configured systems. "If you have an agreement on what a safely configured system is," said Alan Paller, director of research at the SANS Institute, "you can write it into your procurement documents that for every application the vendor has to test the application on a safe system."
Paller said agencies would spend less time and money learning how to configure their systems to be secure without breaking the applications that run on them. "There's a huge economic benefit."
Rep. Adam Putnam (R-Fla.), meanwhile, is not letting anybody off the hook. He's still trying to get the numbers he wants from OMB.