Lawmakers are getting less subtle with their demands that vendors and network operators do everything possible to make the nation's cyber-infrastructure secure. Even legislation dictating IT security requirements--regarded as a last resort--is in the works and slated for introduction by year's . . .
Lawmakers are getting less subtle with their demands that vendors and network operators do everything possible to make the nation's cyber-infrastructure secure. Even legislation dictating IT security requirements--regarded as a last resort--is in the works and slated for introduction by year's end. Advising corporations to "get their house in order" and demonstrate that regulation is unnecessary, Rep. Adam Putnam, R-Fla., chairman of the subcommittee on technology and information policy, said last week that legislation is in development.

"As we dig in, as we learn more, there are areas where I believe the subcommittee will be drafting bills toward the end of this year that will affect the private sector," Putnam told a group of IT vendors and policy-makers at an e-government forum sponsored here by the Business Software Alliance and the Center for Strategic and International Studies.

The government does not have to actually set technology standards to achieve the goals of securing networks, Putnam said. Instead, it could require public companies to disclose IT security audit results in Securities and Exchange Commission reports, similar to how Y2K security measures were reported.

The link for this article located at eWeek is no longer available.