Financial services trade groups on Tuesday urged the Senate Select Committee on Intelligence to pass the Cybersecurity Information Sharing Act of 2014, which they say will further strengthen the ability of the private sector and the federal government to work together to develop a more effective information sharing framework to respond to cyber threats.
The legislation, introduced June 17 by committee chairwoman Dianne Feinstein, D-Calif., and Senate Intelligence Committee Vice Chairman Saxby Chambliss, R-Ga., was being marked up by the committee on Tuesday in a closed-door session.
The Financial Services Roundtable and the Securities Industry and Financial Markets Association told the committee in a joint letter that “the threat of cyber attacks is a clear and present danger to our industry and to other critical infrastructure providers that we and the nation as a whole rely upon.”
While FSR and SIFMA said in the letter that the financial services sector “makes substantial investments in protecting our infrastructure, has improved coordination among institutions of all sizes and is continually enhancing our partnerships with the Federal government,” these measures are “not enough and it is critical for Congress to take action to enhance, facilitate and protect threat information sharing across sectors and with the federal government.”
Taken as a whole, FSR and SIFMA say, the draft bill “is a very good step forward as it provides liability and antitrust protections while balancing the need for privacy protection,” and will also “facilitate cross-sector information sharing and respects and builds upon existing information sharing programs.”
Feinstein said in a press release that the bill removes legal barriers for companies to share, receive and use cyber threat information and cyber countermeasures (defensive measures) on a purely voluntary basis; Provides liability protection for the sharing of cyber information for cybersecurity purposes; and provides important protections to ensure that sharing of cyber information does not allow for privacy intrusions.
Check out Cybersecurity: What the Regulators May Do on ThinkAdvisor.