Putnam drafting Clinger-Cohen amendment

Rep. Adam Putnam is working on a Clinger-Cohen Act amendment to add cybersecurity and enterprise architecture requirements.

The Florida Republican, chairman of the Government Reform Subcommittee on Technology, Information Policy, Intragovernmental Relations and the Census, wants to make it mandatory for agencies to include cybersecurity efforts and architecture models into their IT oversight and decision-making processes.

'There is a link between IT security and the Federal Enterprise Architecture and how agencies conduct IT oversight,' subcommittee staff director Bob Dix said today. 'We think it is important to refer to the FEA and IT security as explicit parts of IT oversight and management.'

Subcommittee staff members have met with administration and agency officials about the need for possibly amending the 1996 law, and Putnam has received support from committee chairman Rep. Tom Davis (R-Va.), Dix said at a breakfast in Fairfax, Va., sponsored by the National Business Promotions and Conferences Inc. of Herndon, Va.

'We plan to move it pretty quickly after the staff makes recommendations,' Dix said. 'We want Clinger-Cohen to be relevant with what is the current trend in the IT decision-making process.'

The subcommittee also is reviewing the Federal Information Security Management Act to see if there is a need to add an IT oversight and management provision, he said.

Meanwhile, the Corporate Information Security Working Group will submit recommendations to Putnam next Wednesday, March 3, about how the private sector can improve its cybersecurity. The working group has been studying five areas:

  • Setting best practices for private-sector IT security


  • Encouraging companies to adopt the best practices


  • Creating a national IT security education campaign


  • Including IT security in procurement practices


  • Sharing intrusion information and performance metrics.


  • 'From talking to agencies, we've come to learn better IT security is not about money or resources, but commitment and prioritization,' Dix said.

    Featured

    • Russia prying into state, local networks

      A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

    • Marines on patrol (US Marines)

      Using AVs to tell friend from foe

      The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

    Stay Connected