Cyber Security Information Sharing Act
At the end of October, the Senate passed the Cybersecurity Information Sharing Act. This legislation gives private companies legal immunity for sharing data with the Federal Government. This was passed over the protests of many lawmakers and consumer advocates. “In theory, the information shared would be limited to ‘threat indicators’ — data such as technical information about the type of malware used or the ways that attackers covered their tracks while sneaking through systems.” Andrea Peterson -- The Washington Post
One of the purposes of this legislation is to help U.S. companies react more quickly to cyberattacks on their computer systems. If a company gets hit with a specific type of hack, the federal government would receive an alert and immediately distribute warnings to other companies.
While the law provides some immunity to businesses, it only applies to information sharing with the Federal Government. Businesses still need Cyber Liability Insurance as part of their risk management program.
What we do not know, is what will the Federal Government do with information? It will be impossible to know until the law is fully implemented later in 2016.