Archive

Go to:

November 2017
SMTWTFS
1234
567891011
12131415161718
19202122232425
2627282930
< Oct Dec >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Senate Committee Passes Cybersecurity Info Sharing Bill
Monday, March 16, 2015 6:30 AM

A bill encouraging shared information on cybersecurity threats was marked up and passed by the U.S. Senate Select Committee on Intelligence last week. The bill passed the committee by a 14-1 vote, and CUNA advocacy staff are working through the details of the bill.

The act, introduced by Senate Intelligence Committee Chair Richard Burr (R-NC) and Vice Chair Dianne Feinstein (D-CA), promotes sharing information on potential cybersecurity threats, leaves it voluntary, and requires all personal information to be removed before the information is shared.

"The bill we passed today is overdue and will enable our agencies and institutions to share information about cyberthreats while also providing strong privacy protection for our citizens," Burr said in a statement. "With risks growing every day, we are finally better prepared to combat cyber attackers with this bill."

If enacted into law, the bill would:

  • Direct increased sharing of classified and unclassified information about cyberthreats with the private sector, including declassification of intelligence as appropriate;
  • Authorize private entities to monitor their networks or those of their consenting customers for cybersecurity purposes. Companies are authorized to share cyberthreat indicators or defensive measures with each other or the government;
  • Require the establishment of a capability at the U.S. Department of Homeland Security as the primary government entity to quickly accept cyberthreat indicators and defensive measures through electronic means;
  • Provide liability protection for companies' appropriate use of additional cybersecurity authorities. The monitoring of networks for cybersecurity threats is protected from liability, along with sharing information about cyberthreats between companies consistent with the bill's requirements; and
  • Require reports on implementation and privacy impacts by agency heads, inspectors general, and the Privacy Civil Liberties Oversight Board to ensure that cyberthreat information is properly received, handled, and shared by the government.

A version of the bill, sponsored by Feinstein, came out of committee last year but was not taken up by the Senate as a whole.