Three industry associations and the Obama administration have applauded the Senate passage of the Cybersecurity Information Sharing Act (CISA, S.754) Tuesday.
“CISA is badly needed and long-overdue cybersecurity legislation that would enable government and businesses to work together to better prevent, detect, and mitigate threats. While there is no silver-bullet solution to stopping cyberattacks, this legislation is a positive step toward enhancing our nation’s cybersecurity, and addresses this economic and national security priority in a constructive and meaningful way,” Thomas Donohue, president and CEO of the U.S. Chamber of Commerce, said in a statement Tuesday, following the vote.
The chamber urged the Senate and House to quickly work out differences in their respective cybersecurity information sharing bills. “We need to get the job done now—nation states or their proxies and criminal groups are attacking American enterprise with impunity, and that has got to stop,” Donohue said.
The Securities Industry and Financial Markets Association (SIFMA) also approved of the vote, although it has some reservations on the final language.
“Importantly, while we are supportive of the process moving forward to a conference, SIFMA does have serious concerns with language adopted during the Senate process (Section 407) which would give an outsize and inappropriate role to the Department of Homeland Security in making information sharing determinations and could lead to burdensome regulation that would undermine the voluntary nature of CISA,” SIFMA president and CEO Kenneth Bentsen said in a statement.
SIFMA, which represents the securities industry of broker-dealers, banks, and asset managers, strongly urged the conference committee to strike that provision.
The Financial Services Roundtable (FSR) agreed with SIFMA on Section 407. Language in the section “would create duplicative regulatory oversight for financial service firms. The language also adds mandatory requirements that are inconsistent with the voluntary nature of the legislation,” FSR said in a statement.
The White House was pleased with CISA’s passage following an endorsement of the bill last week, albeit with some reservations (Defense Daily, Oct. 23).
“I wanted to let you know that everyone at the White House, including the President, is encouraged that the Senate has passed key portions of the legislative proposal that the President sent to Congress in January on cybersecurity,” Eric Schultz, principal deputy press secretary, said aboard Air Force One en route to Andrews AFB, Md., on Wednesday.
Schultz praised Sens. Diane Feinstein (D-Calif.), Tom Carper (D-Del.), and Richard Burr (R-N.C.) for their support of the bill. “We’re hopeful that the Senate and House can work together expeditiously to send the best possible bill to the President’s desk as soon as possible,” Schultz added.
Secretary of Homeland Security Jeh Johnson also supported CISA and thanked the senators for their leadership.
“The Senate bill will now go to conference with the earlier-passed House cybersecurity bill. Both bills strengthen the role of the Department of Homeland Security in our Nation’s cybersecurity effort. For DHS’s part, I pledge our energy and focus to this national imperative,” Johnson said in a statement.
Following the defeat of most amendments, CISA passed the Senate 74-21. (Defense Daily, Oct. 27). Next, the Senate and House of Representatives form a conference committee to reconcile CISA and previously passed House cybersecurity information sharing legislation.
One of two House cybersecurity information sharing bills that will be taken up in the conference is the Protecting Cyber Networks Act (H.R. 1560), originating in the House Permanent Select Committee on Intelligence and co-sponsored by Chairman Devin Nunes (R-Calif.) (Defense Daily, April 22)
After CISA passed Tuesday evening, Nunes congratulated co-sponsors Burr and Feinstein and noted “earlier this year, the House Intelligence Committee worked closely, and on a bipartisan basis, with other House committees and the White House to draft effective information-sharing rules that will break down legal barriers, help secure our networks, and counter the persistent threat of cyber-attacks. I look forward to a conference with the Senate in the near future so we can quickly get a unified bill to the president’s desk.”
Rep. Michael McCaul (R-Texas), chairman of the House Committee on Homeland Security, co-sponsored the other House bill that passed in April, the National Cybersecurity Protection Advancement Act (NCPAA) of 2015 (H.R. 1731) (Defense Daily, April 23). McCaul cited strong misgivings about CISA earlier last week before amendments, including the manager’s package, were adopted (Defense Daily, Oct. 21). After CISA passed, he mirrored Nunes in looking forward to the conference to work out differences.
“I congratulate the Senate for passage of their cybersecurity bill. The House passed our version by a similar overwhelmingly bipartisan vote in April. We look forward to going to conference with the Senate to work out our differences and produce a final bill that ensures American’s privacy and better protects our nation’s networks,” McCaul said in a statement Tuesday evening.