Senate passes controversial cybersecurity information sharing legislation

28 Oct 2015 | Author: | No comments yet »

Senate Approves Cybersecurity Bill: What You Need To Know.

The latest clash in the cybersecurity-vs.-privacy debate played itself out in Congress on Tuesday when the Senate approved the Cybersecurity Information Sharing Act. Supporters say the bill, approved 74-21, will help stop hackers by getting companies that have been breached to share information about the embarrassing attack with federal law enforcement. Supporters say CISA changes that by letting companies share so-called “cyber threat indicators” with the Department of Homeland Security, which in turn can send out the red alert, share the code and warn others.

Homeland Security has to share the company’s report — which may include customers’ personally identifiable information — with the National Security Agency and other spy agencies. Many companies don’t realize they’ve been attacked, either because they’re not investing in services to identify breaches or not reading the data they’ve collected. According to a breach report by Verizon, this lag in detection is “one of the primary challenges to the security industry.” Lawmakers could have focused on creating mandatory cybersecurity standards for companies, to incentivize the firms to invest more in data security.

A group of professors who teach cyberlaw and cybersecurity, and oppose CISA, say in a statement: “Rather than encouraging companies to increase their own cybersecurity standards, CISA ignores that goal and offloads responsibility to a generalized public-private secret information sharing network. Back when Democrats controlled the Senate, they blocked a bill with a similar acronym — CISPA (the Cyber Intelligence Sharing and Protection Act) — that had the same thrust.

Our partners
Follow us
Contact us
Our contacts

About this site