A new Senate bill that gives businesses that suffer cybersecurity breaches immunity from provisions barring the sharing of information is causing great concern among the IT security channel because of the potential for abuse.
The Cybersecurity Information Sharing Act of 2015, or CISA, passed Tuesday by the U.S. Senate, is aimed at promoting information sharing between the public and private sectors. The bill sets up a system for threat intelligence information sharing between the two sectors led by the director of national intelligence.
The bill would bypass privacy and antitrust laws that currently prevent the sharing of information after an attack. In theory, sharing such information could allow other businesses more time to put in place procedures to prevent a similar attack on their operations.