Group backs new computer security requirements for agencies

A corporate working group spearheaded by a House lawmaker on Tuesday released recommendations to increase the nation's cybersecurity efforts.

The Corporate Information Security Working Group, led by Rep. Adam Putnam, R-Fla., suggested various security initiatives, such as legislation to ensure that federal departments incorporate information security into technology investments and market-based incentives for corporations to adopt cyber-security guidelines.

The recommendations "contain innovative and creative approaches, utilizing a variety of tools to achieve a private-sector-driven, market-based approach to addressing corporate information security in every sector," Putnam said in a statement.

The 25-member group, which includes senior leaders from companies, academia and institutions, suggested that Congress amend the 1996 Clinger-Cohen Act to define information security as a component that "must be evaluated" in information technology investments for federal agencies. The law aims to keep federal IT expenditures in check, among other things.

The group also said Congress should exercise oversight and encourage the Office of Management and Budget to enforce a law requiring agencies to have minimum security configuration standards for their IT systems.

Putnam, who chairs the House Government Reform Subcommittee on Technology, has begun drafting Clinger-Cohen amendment language and plans to act in on it soon.