Using the buying power

With a $60 billion annual investment in information technology, the federal government has significant purchasing power. And federal officials appear ready to wield it for cybersecurity. Officials from the Office of Management and Budget, the Homeland Security Department and the General Services Administration, for instance, are considering how to consolidate agency requirements for secure products and services and incorporate those into a governmentwide program called SmartBuy.

Observers inside and outside government see the National Institute of Standards and Technology as having an increasingly important role in setting standards for safely configured systems. "If you have an agreement on what a safely configured system is," said Alan Paller, director of research at the SANS Institute, "you can write it into your procurement documents that for every application the vendor has to test the application on a safe system."

Paller said agencies would spend less time and money learning how to configure their systems to be secure without breaking the applications that run on them. "There's a huge economic benefit."

Rep. Adam Putnam (R-Fla.), meanwhile, is not letting anybody off the hook. He's still trying to get the numbers he wants from OMB.

Featured

  • People
    Federal 100 logo

    Announcing the 2021 Federal 100 Award winners

    Meet the women and men being honored for their exceptional contributions to federal IT.

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

Stay Connected