Patriot Act Reauthorization Debate Delays Cybersecurity Legislation

By George E. Kostel and Darryl Drevna

With the House of Representatives’ recent action on two cybersecurity bills, focus turns to the Senate and the Cybersecurity Information Sharing Act of 2015 (CISA). Cyber attacks and data breaches are targeting some of the world’s largest corporations and businesses and exposing them and their customers’ data to criminal enterprises or even foreign governments. For example, two weeks ago cyber criminals stole about $5 million from Ryanair, indicating that false electronic bank transfers may be a new cyber weapon. The bills pending in Congress offer companies varying levels of liability protection for sharing information with each other and the government on cyber threats and attacks. Security experts consider such information sharing to be a vital aspect of an effective cybersecurity system. Civil liberties groups, however, are concerned that neither bill adequately protects consumer information as well as they protect businesses from liability from improperly shared (or criminally disclosed) data. As Congress continues its work on cybersecurity, businesses should be aware of the protections that may be put into place as the legislation nears final passage when considering how to best implement cybersecurity policies and procedures.

To view the full alert click here.