As businesses search for ways to better protect their information from online threats, the House of Representatives has passed two cybersecurity bills aimed at bolstering the sharing of information between the public and private sector.
On April 22, the House passed a bill that would encourage businesses and the federal government to share information on known cyber threats, the Protecting Cyber Networks Act (H.R. 1560), by a 307-116 margin.
“Americans need to know they can use their credit cards or buy health insurance without fearing that their personal information will be stolen by cyber-thieves or exploited by hostile foreign powers. This bipartisan bill takes strong action to defend our networks against these threats,” House Permanent Select Committee on Intelligence Chairman Devin Nunes (R-CA) said.
A day later, the House passed a measure that would provide liability protection to companies that share information on cyber threats with the Department of Homeland Security, the National Cybersecurity Protection Advancement Act of 2015 (H.R. 1731), by a 355-63 vote.
House Committee on Homeland Security Chairman Michael McCaul (R-TX) said removing the legal barriers for the voluntary sharing of cyber threats “will help keep malicious nation states and cyber criminals out of our vital digital networks.”
Kurt Manske, vice president of compliance and corporate IT at QTS Realty Trust, Inc. (NYSE: QTS), noted that collaborative public-private information sharing is “crucial to reducing information security risk and enabling businesses and governmental entities to respond to risks quickly and successfully.”
Manske said both bills are an important step toward achieving that goal and are designed in a way that “gives consideration to how information security risk data can be shared within the context of robust privacy protections.”
Manske added that further progress is needed to define how this legislation integrates with S. 754, the Cybersecurity Information Sharing Act of 2015 (CISA), passed by the Senate Select Committee on Intelligence.
In a letter endorsing H.R. 1560 and H.R. 1731, NAREIT and other industry groups observed that cyber attacks are increasing in scope and complexity. “Recent cyber incidents underscore the need for legislation to help businesses improve their awareness of cyber threats and to enhance their protection and response capabilities in collaboration with government entities,” the letter said.