//
you're reading...
Information Security, IT & TECHNOLOGY

Cybersecurity Information Sharing Act Still Awaits Action in US Senate


ISACA-Logo

Because October is National Cyber Security Awareness Month, conventional wisdom holds that the US Senate will consider cybersecurity information sharing legislation that was introduced in the spring. The Senate, however, has yet to schedule a formal vote on the Cybersecurity Information Sharing Act (CISA) (S. 754).

The proposed legislation aims to defend against cyberattacks through the creation of a framework for the voluntary sharing of cyberthreat information between private entities and the federal government. Companies may share threat indicators and defensive measures with the government, but they must institute appropriate security controls and remove personal information. Liability protection is available for companies choosing to share information, provided they implement the proper controls.

During his State of the Union address earlier this year, US President Barack Obama urged Congress to pass legislation focused on cybersecurity, including the sharing of information. The US House of Representatives passed two similar bills on information sharing in April: the Protecting Cyber Networks Act (PCNA) (H.R. 1560) and the National Cybersecurity Protection Advancement Act (NCPA) (H.R. 1731). One of the key differences in the House bills is that the NCPA Act only authorizes sharing with the Department of Homeland Security, while the PCNA provides companies the flexibility to choose to share cyber threat indicators or defensive measures with a number of different government agencies.

Before a conference committee can convene and iron out differences between the House and Senate versions, the Senate must act. Media reports that the Senate will likely consider the legislation after they return from a brief recess the second or third week in October, but no firm plans have been announced. According to published media reports, the Senate is working to limit amendments in order to fast-track debate on the proposed legislation.

There is a deep divide on whether the CISA legislation should be passed. Some businesses and industries welcome the information sharing and liability protections the Act would provide. Privacy advocates, however, warn that the Act would put individuals’ private information in the hands of the US government.

Montana Williams
Sr. Manager of Cybersecurity Practices, ISACA

[ISACA Now Blog]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Web Stats

  • 121,045 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,357 other followers

Twitter Updates

Archives

October 2015
M T W T F S S
« Sep   Nov »
 1234
567891011
12131415161718
19202122232425
262728293031  
%d bloggers like this: