Mondo Visione Worldwide Financial Markets Intelligence

FTSE Mondo Visione Exchanges Index:

CCData-468x60x2.jpg BT_Radianz_468x60_Jul23 FEAS 30th Anniversary Conference

Karl Schimmeck Of Northern Trust Testifies Regarding Need For Reauthorization Of The Cybersecurity Information Sharing Act On Behalf Of SIFMA

Date 15/05/2025

Today Karl Schimmeck, Executive Vice President and Chief Information Security Officer of Northern Trust, testified before the U.S. House of Representatives Committee on Homeland Security’s Cybersecurity and Infrastructure Protection Subcommittee at a hearing entitled, “In Defense of Defensive Measures: Reauthorizing Cybersecurity Information Sharing Activities that Underpin U.S. National Cyber Defense.”  Schimmeck, who sits on SIFMA’s Cybersecurity Committee, provided an overview of why it is critical for Congress to reauthorize certain key provisions of the Cybersecurity Information Sharing Act (CISA) of 2015 which are set to expire.

“SIFMA and the financial services industry remain committed to strengthening the cybersecurity of our nation’s critical infrastructure. CISA 2015 has been a vital tool in building the trust, structure, and legal certainty needed for effective, real-time collaboration between the private sector and government,” Schimmeck said in his testimony today. “It has made our institutions more resilient, our responses more coordinated, and our defenses more adaptive. Allowing the Act to lapse would weaken one of the most constructive public-private partnerships in cybersecurity policy to date. We respectfully urge this Subcommittee and Congress to act swiftly to reauthorize CISA 2015.”

The testimony outlines the reasons timely reauthorization is essential:

  • The U.S. Government and the private sector face daily cyber threats that require cross-sector information sharing to capably combat.
  • Legal protections under CISA 2015 are necessary to facilitate information sharing by and among private companies.
  • CISA 2015 provides legal and liability protection for entities that share cyber threat indicators pursuant to the Act. Prior to CISA 2015, existing laws did not clearly shield private entities from regulatory enforcement actions, civil actions, or antitrust enforcement actions when sharing cyber threat information. Such protections encourage voluntary information sharing, which has become necessary for defending against cyber threats.
  • Public-private information sharing has been beneficial to the financial services industry’s cybersecurity programs.
  • A lapse in the legal framework provided in the Act could discourage essential information sharing.

The full testimony can be found here.

MV 120 X 600 Hard to Reach BT_Radianz_120x600_Jul23.jpg FEAS_2025_MondioVisione_120x600-banner