News and Announcements
  • USLAW NETWORK Foundation announces Foundation Partners program

    The USLAW NETWORK Foundation, the philanthropic division of USLAW NETWORK, is excited to announce its first group… Continue Reading

  • EVENTS

    It’s no secret – USLAW can host a great event. Throughout the year, we have a full… Continue Reading

For Law Firms
  • USLAW for Law Firms

    USLAW was founded in 2001 and has focused on delivering exceptional client service, trusted relationships and friendships… Continue Reading

For Clients and In-House Legal Decision Makers
  • USLAW for Clients and Legal Decision-Makers

    USLAW NETWORK provides legal decision-makers with access to attorneys who are highly knowledgeable and skilled in jurisdictions… Continue Reading

For Corporate Partners
  • USLAW for Corporate Partners

    USLAW NETWORK is supported by our family of corporate partners, each of whom provides a high-level expertise… Continue Reading

For Attorneys
  • USLAW for Attorneys

    USLAW NETWORK is a terrific business development, networking, and professional development organization for lawyers across a spectrum… Continue Reading

Featured
  • Trusts and Estates

    Trust and estate planning can be complicated, but strategic planning is vitally important in helping you minimize… Continue Reading

  • Complex Tort and Product Liability

    The USLAW NETWORK Complex Tort and Product Liability Practice Group is a nationwide network of experienced attorneys… Continue Reading

Featured Resources
  • USLAW releases Spring 2024 issue of USLAW Magazine

    WHAT YOU'LL FIND IN THIS ISSUE In this issue of USLAW Magazine, we feature articles that delve… Continue Reading

  • State Judicial Profiles by County

    State Judicial Profiles by County Jurisdictional awareness of the court and juries on a county-by-county basis is… Continue Reading

USLAW Foundation News
  • Commitment to Diversity

    From the beginning of our organization, USLAW NETWORK has championed the cause of racial equality. We believe… Continue Reading

  • USLAW NETWORK Foundation announces Foundation Partners program

    The USLAW NETWORK Foundation, the philanthropic division of USLAW NETWORK, is excited to announce its first group… Continue Reading

Cybersecurity Information Sharing Act Approved by Senate

POSTED NOVEMBER 3, 2015

A special to USLAW NETWORK and USLAW DigiKnow

By Karen Painter Randall, Connell Foley LLP, Roseland, New Jersey

After early unsuccessful attempts, on October 27, 2015, the Senate finally passed the Cybersecurity Information Sharing Act (“CISA”), a bill intended to curtail cyberattacks by encouraging its victims to share information about the attack, potentially protecting future would-be targets.

Under CISA, when a U.S. company is the victim to a cyberattack, the federal government will receive an alert and, thereafter, immediately distribute a “cyber threat indicator” that includes detailed information about the attack to other companies. The company first informs the Department of Homeland Security, which in turn informs the FBI, the NSA, other government agencies, as well as other companies. While industry-specific and private services exist that do this exact task, CISA would be the first to do so across industries.

The bill targets the information gap between a private company that has been attacked and other companies and the government. Usually in order to limit liability, a company can only share knowledge and details of the attack internally, often only with its legal counsel. As a result, critical information like the origin and nature of the attack never reach an audience full of potential next victims. Instead, the same methodology for an attack can be used over and over again on multiple companies without a single company ever knowing it has fallen prey to the same cyber predator as others. CISA targets this issue by spreading information about the attack as soon as possible.

Participation in CISA is solely voluntarily, but the bill provides a huge incentive to partake: elimination of liability, rendering participants near immune to lawsuits for sharing information. The information to be reported by each company, can potentially contain personal or sensitive information, but is more likely to contain data like a harmful code responsible for an attack. These cyber threat indicators can then be distributed.

The 74 to 21 vote in the Senate in favor of CISA reflects strong bipartisan support, but opponents still cite privacy and effectiveness concerns. Tech giants like Apple and Symantec have publicly criticized the bill for its potential privacy issues. Others have questioned the bill’s practicability; many companies often do not even realize they have been hacked, challenging the effectiveness of a knowledge-based prevention system.

In spite of such objections, CISA is a welcomed response from the government to address one of the biggest issues facing the private and public sector alike. Following mega breaches like that of Sony or Target, the bill is an overdue early step to combat the ever-growing threat and presence of cyberattacks.

Designed & Developed by Peak Seven