New law makes cybersecurity part of early IT planning

With the passage of the 9/11 Intelligence bill yesterday, agencies now will have to do a better job of including cybersecurity in the planning and acquisition phases of systems development.


Congress passed Rep. Adam Putnam's IT security amendment to the Clinger-Cohen Act as a part of HR 10. The Florida Republican wrote the legislation last year while chairman of the House Government Reform subcommittee on technology, information policy, intergovernmental relations and the census. Putnam moved to the Rules Committee in September.


"The Clinger-Cohen amendment would explicitly require federal agencies to emphasize information security from the earliest possible stages of the IT capital planning and investment decision-making process for new systems," Putnam said.


Putnam attached the amendment to the 9/11 bill in September. He offered the changes after receiving recommendations from the Corporate Information Security Working Group, which the subcommittee set up late last year.


"This is a modest yet important step in focusing attention and raising the level of awareness about the essential nature of information security for federal computer networks," Putnam said.


President Bush is expected to sign the 9/11 Recommendations Implementation Act into law next week.