Sen. Edwards' IT bill would bolster security

Sen. John Edwards

The National Cyber Security Leadership Act of 2003, introduced this month by Sen. John Edwards, complements the Federal Information Security Management Act, which was part of last year's homeland security bill.

The North Carolina Democrat said he was prompted to introduce the bill, S 187, by the latest round of IT security evaluations from the Office of Management and Budget, the General Accounting Office and Congress. He called the government's lax systems security a poor example that gives federal contractors little incentive to upgrade their security.

The bill would require agency CIOs to identify vulnerabilities in systems, establish goals for eliminating them and evaluate performance at least quarterly.

The bill authorizes $1 million in fiscal 2004 funding for the National Institute of Standards and Technology to develop guidelines for fixing vulnerabilities within six months of agencies' assessments.

The Federal Information Security Management Act requires agencies to assess IT risks and provide protection commensurate with the risks.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above