Removing Barriers Blog

Joint Trades Letter on Final Amendments to CISA
Posted October 26, 2015 by CUNA Advocacy

Along with several other trades, we submitted a letter to Senate leaders Mitch McConnell and Harry Reid, urging them to support S. 754, the Cybersecurity Information Sharing Act (CISA). In March, this bill was approved on a near unanimous and bipartisan basis by the Select Committee on Intelligence. Our letter expressed concerns with several amendments that could weaken the legislation or compromise the bill’s final passage. In particular, we highlighted our concerns with amendments from Leahy (#2587), Franken (#2612), Wyden (#2621) and Flake (#2582).

CISA is intended to foster voluntary and timely information sharing of cyberthreat indicators. Both Franken #2612 and Wyden #2621 would create ambiguities in the definition of what constitutes a cyber threat and would needlessly complicate and weaken provisions on the removal of personal information, respectively. These amendments would place unnecessarily restrictive roadblocks to the timely and effective sharing of cyber threats.

As drafted, the CISA legislation prohibits information from being released under the Freedom of Information Act (FOIA). Financial institutions need to know the information they voluntarily share about cyberthreats with the government will remain confidential. The information could contain sensitive details about financial institutions’ cyber security programs and the methods employed to protect customer data from bad actors. The Leahy amendment, #2587, would strike this protection and permit information to be obtained through a FOIA request. This amendment runs counter to CISA’s intended purpose of encouraging the voluntary sharing of useful cyber threat information.

Finally, the Flake amendment, #2582, places a sunset on the legislation after merely six years. The sunset fails to take into consideration the infrastructure and resources needed to be put in place by the private sector for effective threat information sharing.