It's not hard today to find news accounts of how America's digital networks are under siege. Cyber criminals are at work, hoping to extract valuable data from consumers, businesses, and government organizations and to shut down or disrupt our critical infrastructure. One way to combat these attacks is allowing businesses and the government to share information about possible cyber threats in order to more effectively respond. Unfortunately, current legal barriers discourage collaboration, putting more consumer data and our most critical infrastructure in harm's way.
To spur action on this front, I sent a letter on behalf of BSA | The Software Alliance to Senate leadership, encouraging them to take up cyber threat information sharing legislation that will help both businesses and government combat cyber threats.
The Cybersecurity Information Sharing Act of 2015 (S.754), introduced by Sen. Richard Burr (R-NC), has bipartisan support and deserves a robust debate before the full Senate. The Senate Intelligence Committee favorably reported the bill out of committee in April, and the House of Representatives has already taken necessary steps by overwhelmingly passing measures with similar goals: the Protecting Cyber Networks Act (HR 1560) and the National Cybersecurity Protection Advancement Act (HR 1731). The Senate has a valuable opportunity to take action on this key legislation now.
Enacting effective cyber threat information sharing legislation will allow public- and private-sector entities to voluntarily share valuable threat data, best practices, and vulnerabilities while protecting consumer privacy. BSA previously outlined six key tenets of effective information sharing legislation. Increased situational awareness will enhance the ability of businesses, consumers, and operators of critical infrastructure to better defend themselves against attacks and intrusions.
Cybersecurity threats change on a daily basis, and BSA member companies are at the forefront of these battles. BSA urges the Senate to pass legislation that gives a helping hand to these companies and provides government necessary tools in the continuing fight against cyber crime.