Industry leaders from the financial services, energy and technology sectors urged Congress today to take action to reauthorize the Cybersecurity Information Sharing Act (CISA 2015), before it expires on September 30, 2025. In a letter to Senate and House leadership, the coalition warned that failure to act could eliminate a valuable tool used to protect America’s critical infrastructure sectors.
“This voluntary information-sharing framework has been instrumental in strengthening our collective defense against cybersecurity threats that continue to grow in sophistication and severity,” the letter states. “The expiration of these protections risks creating a chilling effect on this critical information exchange—leaving us all more vulnerable to nation-state attacks and cybercriminals moving forward.”
The bipartisan CISA legislation — enacted in response to the 2015 Office of Personnel Management data breach — provides private sector entities with important information and liability protections for sharing cyber threats with CISA. It also includes an antitrust exemption that provides similar protections for sharing between private companies.
The letter was signed by the:
- Alliance for Digital Innovation
- American Bankers Association
- American Public Power Association
- Bank Policy Institute
- Business Software Alliance
- Edison Electric Institute
- Independent Community Bankers of America
- Information Technology Industry Council (ITI)
- Institute of International Bankers
- National Rural Electric Cooperative Association
- Operational Technology Cybersecurity Coalition
- Securities Industry and Financial Markets Association
To read the full letter, click here.
