Senate approves plan to beef up computer security
Federal agency heads must ensure that their information systems are secure under a provision of the fiscal 2001 defense authorization bill that gained Senate approval late last week.
The provision, S. 1993, co-sponsored by Sens. Fred Thompson, R-Tenn., and Joseph Lieberman, D-Conn., provides a managerial framework for protecting federal computer records from hackers, cyberterrorists, and accidental or careless unauthorized disclosure. Thompson has called agencies' current method of dealing with such problems a "band-aid approach."
"Effective computer security starts with effective management and this legislation will help federal agencies get a handle on managing their computer security efforts," Thompson said.
Under the bill, the executive branch must set up a chain of command and responsibility for protecting computer records, stretching from the director of the Office and Management and Budget at the top to individual departments and agencies below. The General Accounting Office is charged with annual oversight of IT security at all federal agencies.
In addition, the bill would require agencies to:
- Establish clear accountability for information security.
- Have an annual independent evaluation of IT security.
- Develop a security plan.
- Switch to procedures identified as "best practices."
- Make sure the relevant employees are properly informed and trained.
"In today's Wild West electronic environment, every precaution must be taken," Lieberman said.
Agency managers would also have the flexibility to attract technology talent through the use of a "federal cyber service," that would hand out scholarships and fellowships in exchange for federal service.
Post a Comment
To post a comment, you must provide a name and a valid e-mail address. Messages must be limited to 400 words. By using this Service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Government Executive does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.