The U.S. Senate is expected to vote as early as October 27 on CISA, the “Cybersecurity Information Sharing Act” (S. 754), legislation that would encourage both the private sector and the federal government to boost cooperative information sharing about cyber threats.
The bill, which was approved by the Senate Intelligence Committee in March, would authorize companies and public utilities to monitor their computer networks for cyber threats, establish a new cyber information sharing portal at DHS, allow companies and public utilities to take “defensive measures” in cyberspace in response to identified cyber attacks, and provide liability protections to companies and public utilities that appropriately carry out the actions authorized under the legislation.
Early versions of CISA only applied to privately held companies and public electric utilities, so AMWA and other water sector organizations worked with senators to ensure the bill would provide equal protections to public water utilities that wish to respond to threats in cyberspace. The final version of the bill expected to receive a vote in the Senate places public utilities on equal legal footing with their private-sector counterparts.
Should the Senate approve CISA as expected, the likely next step for the bill is a conference committee. Earlier this year the House of Representatives approved a similar cyber information sharing bill (H.R. 1560), so lawmakers will have to meet to work out a final bill to send to the president’s desk.