Ready? Secure? Disclose
Are you ready to declare your company secure against attacks from cyberterrorists? If you're not, get moving. The odds are increasing that in the not-so-distant future, legislators will make corporate America adhere to yet-to-be-defined best practices in cybersecurity.
Just as the Sarbanes-Oxley Act of 2002 is designed to assure investors that corporate financial records are properly prepared and accurate, and the Health Insurance Portability and Accountability Act mandates procedures for maintaining and exchanging medical information, the processes used to secure data and computing resources may face compliance legislation.
Rep. Adam Putnam (R-Fla.) last fall drafted the Corporate Information Security Accountability Act of 2003, which would require companies to secure their information systems. The bill has not gone before the House of Representatives, but the proposals in Putnam's draft as well as other recommendations are being batted about in a working group created by the subcommittee Putnam chairs, the Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census.
By Larry Dignan at Baseline.
[ Read more ]