The IT Law Wiki

Citation[]

Cybersecurity Information Sharing Act of 2015 (CISA) (Title I of the Cybersecurity Act of 2015).

Overview[]

This Act is designed to increase cybersecurity information sharing between the private sector and the Federal Government. The Act provides various protections to non-federal entities that share cyber threat indicators or defensive measures with the Federal Government. DHS's AIS initiative is the principal mechanism for such sharing with the Federal Government. Sharing with DHS through AIS or other DHS mechanisms that is conducted in accordance with the Act's requirements receives liability protection.

As mandated by the Act, DHS has released guidance to assist private sector and federal entities share cyber threat indicators with the Federal Government. The Department also released interim policies and procedures relating to the receipt and use of cyber threat indicators by federal entities, interim guidelines relating to privacy and civil liberties in connection with the exchange of those indicators, and guidance to federal agencies on sharing information in the government's possession: