Putnam group releases infosec recommendations

Share this article:

A group formed by Rep. Adam Putnam (R-Florida) last fall to study alternatives to cybersecurity legislation released its recommendations Tuesday.

The recommendations range from economic incentives and safe harbor protections to providing antitrust exemptions for critical infrastructure industry sectors that agree on security specifications for their hardware and software purchases

Putnam, chairman of the House Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census, last year drafted a bill that would require publicly traded companies to include as part of their annual filing with the Securities and Exchange Commission a report on their infosec plans.

After getting feedback from trade groups and others, he postponed introducing the bill and challenged the private sector to develop alternatives. He convened the Corporate Information Security Working Group, which has 25 members from business associations, academic institutions and trade groups.

Putnam said he is evaluating the group's work, along with recommendations recently released by the National Cyber Security Partnership, and other alternatives to cybersecurity legislation. He called the group's recommendations "innovative and creative approaches, utilizing a variety of tools to achieve a private-sector, market-based approach" to infosec across all sectors.

Putnam said he's already started work on one of the group's suggestions: to amend the Clinger-Cohen Act to explictly identity infosec as a component that federal agencies must evaluate in their IT investment planning.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Next Article in News

Sign up to our newsletters

More in News

VBA malware on rise, templates make it easier to write code

VBA malware on rise, templates make it easier ...

Researchers at SophosLabs found an uptick in VBA samples in July.

Analysts spot 'Critolock,' ransomware claims to be CryptoLocker

Trend Micro noted several differences between Critolock and CryptoLocker, however.

Citadel used in APT attacks against petrochemical firms

Citadel used in APT attacks against petrochemical firms

In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.