Posts

Showing posts with the label privacy and negligence claims

When cyber threat sharing laws lapse: Legal risk in a government shutdown

The recent shutdown of the federal government has left many critical services in limbo, including the nation’s primary cybersecurity agency. Amid the ongoing budget standoff in Congress, funding for the Cybersecurity and Infrastructure Security Agency lapsed, coinciding with the expiration of the  Cybersecurity Information Sharing Act of 2015 . The expiration of the Act creates operational and legal uncertainty for organizations at a time when cyberattacks are at an all-time high. The law had long provided liability protection for companies that shared cyber threat information in good faith, establishing a legal framework for public-private defense collaboration. Role of CISA Before the Act took effect in 2015, companies that alerted federal partners or peers about cyber incidents risked violating privacy, contract, and competition laws. The Act was designed to remove those disincentives and encourage information sharing by providing the following: Liability protections:   Shi...