Previously I mentioned Government mandates in networking and security.

Here’s a Congressional subcommittee working on government recommendations in Internet security:

Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census,
chaired by Adam H. Putnam of Florida, part of Rep. Tom Davis’ Committee on Government Reform.

Back in June, Rep. Putnam remarked:

“Make no mistake. The threat is serious. The vulnerabilities are extensive. And the time for action is now.”

So far, Putnam’s subcommittee has been collecting information and testimony. However, he may go farther:

“Rep. Adam Putnam (R-Fla.) last fall drafted the Corporate Information Security Accountability Act of 2003, which would require companies to button down their information systems. The bill has not yet gone before the House of Representatives, but many of the proposals in Putnam’s draft as well as other recommendations are being batted about in a working group created by the subcommittee Putnam chairs, the Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census.

In the name of protecting national infrastructure, you may be asked to conduct annual security audits, produce an inventory of key assets and their vulnerabilities, carry cybersecurity insurance and even have your security measures verified by independent third parties, if the core features of the proposed legislation make it to the floor of the House. ”

So far, this appears to stop short of mandating technology; instead sticking to best practices. We’ll see.

-jsq