Skip to main content
Advertisement
Advertisement
Nominations can be submitted for the 2025 CyberScoop 50 awards!
Click here!
Close
Lawmakers also need to take action on legislation to better harmonize federal cybersecurity regulations, Democrats’ staff director on a key Senate committee said.
Listen to this article
0:00
Learn more. This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.
U.S. Capitol, September 2024; Thanasis, Getty Images
Congress needs to reauthorize an expiring law that provides legal protections to companies for sharing cyber threat information with the federal government and each other, the staff director for Democrats on the Senate Homeland Security and Governmental Affairs Committee said Wednesday.
The 2015 Cybersecurity and Infrastructure Security Act is due to lapse at the end of September. It provides defenses against lawsuits for companies sharing threat information, antitrust law exemptions and more.
“Providing them with the liability shield that was created about a decade ago is critical to allow real-time information sharing with the federal government,” David Weinberg said at the FedScoop-produced Elastic Public Sector Summit in Washington, D.C. “We want to make sure that critical infrastructure operators are forthcoming when” cyberattacks happen.
The chairman of the panel, Sen. Rand Paul, R-Ky., opposed the law in 2015 over privacy concerns. But its renewal has bipartisan support among some leaders of the committees that might vet the bill, including the House Homeland Security Committee and the House and Senate intelligence panels.
Advertisement
Weinberg also advocated for the panel to pass stalled legislation that seeks to address a tangle of sometimes-conflicting cybersecurity regulations by creating a committee of executive branch officials to examine it.
“We think this is a good starting point [to] create sort of an interagency committee on regulatory harmonization for cybersecurity and make sure that we are cracking down on duplicative or conflicting regulations,” he said. “And they would make recommendations back to Congress for us to try to do a more sweeping effort to harmonize across cybersecurity, from cyber hygiene to more prescriptive regulations that critical infrastructure operators face.”
The Senate Homeland Security and Governmental Affairs Committee approved the bill by a vote of 10-1 last year, but never advanced further. Paul voted against the legislation.
Committee Democrats are also looking to make sure the Cybersecurity and Infrastructure Security Agency isn’t damaged. Paul has been a staunch critic of the agency.
“I think we’re kind of in a ‘do no harm’ posture,” Weinberg said. “We are trying to make sure CISA matures, we get in place good nominees and understand the mission there and across the federal government in terms of our cybersecurity needs.”
Advertisement
The Trump administration last week nominated Sean Plankey to lead CISA.
Tim Starks
Written by Tim Starks
Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he's covered cybersecurity since 2003. Email Tim here: tim.starks@cyberscoop.com.
In This Story
Advertisement
Advertisement
Advertisement
More Scoops
(L-R) Rep. Nick LaLota R-N.Y., Rep. Tony Gonzales, R-Texas, Rep. Marjorie Taylor Greene, R-Ga. and Rep. Andrew Garbarino, R-N.Y., listen during a hearing with the House Committee on Homeland Security on Jan. 30, 2024. (Photo by Anna Moneymaker/Getty Images)
Trade groups worry information sharing will worsen without critical infrastructure panel, CISA law renewal
The groups told lawmakers that both the committee and the law provide vital protections for cyber threat information swapping.
By Tim Starks Sean Plankey
Sean Plankey speaks at a Department of Energy event in 2018, while he was a cyber adviser at BP. (Argonne National Laboratory / Flickr)
Sean Plankey picked by Trump to be CISA director
By Tim Starks
Gwengoat, iStock/Getty Images Plus
DHS says CISA won’t stop looking at Russian cyber threats
By Tim Starks
Latest Podcasts
Government
Technology
Advertisement
Continue to CyberScoop