PC security audits for businesses?
The audit must be conducted by an independent party and assess "the risk and magnitude of the harm that could result from the unauthorized access," alteration or destruction of company computers, says the draft, prepared by Rep. Adam Putnam, R-Fla. Putnam is chairman of a House technology subcommittee.
"Given the magnitude of the threat and the depth of the vulnerabilities that exist today, it is imperative that we address this matter aggressively and collaboratively in order to enhance the protection of the nation's information networks on behalf of the American people and the U.S. economy," Putnam said in a statement this week. He warned that the Federal Information Security Management Act established detailed security regulations for agencies to follow, but private companies have no such obligations.
It's not clear, however, what the fate of Putnam's "Corporate Information Security Accountability Act" will be. Technology companies, leery of aggressive government regulation and mandates from Washington, D.C., politicians, are quietly trying to convince Putnam not to introduce the proposal.
[ Read more ]