Over the past several years, major cyberattacks have dominated the headlines and dramatically raised public awareness of online security. Hundreds of millions of consumers have had their personal and financial data stolen by cyber criminals who breached the networks of major retailers. The personal information of millions of current and former government workers fell into the hands of foreign hackers who broke into the Office of Personnel Management’s employment files, compromising addresses, Social Security numbers, and more.
The scary part is that these high-profile attacks represent just a fraction of the criminal activity happening in the shadows of cyberspace. And it will only intensify as adversaries—ranging from hacktivist organizations to sophisticated militant groups to nation-states—take advantage of the rapid pace of technological advancement and stay one step ahead of us.
Government and businesses alike are the target of these criminal efforts, and they must be able to work together to prevent, detect, and mitigate threats. To that end, the Senate is poised to take up badly needed and long-overdue cybersecurity legislation. The Cybersecurity Information Sharing Act of 2015 (CISA) is our best chance yet to address this economic and national security priority in a meaningful way and help prevent further attacks.
CISA would help businesses raise their awareness of specific cyber threats and enhance their protection and response capabilities in collaboration with government entities. It would allow businesses to voluntarily share and receive data on cyber threat indicators, while safeguarding them against frivolous lawsuits.
The bipartisan authors of the legislation have worked diligently to address the concerns of privacy and civil liberties organizations. They have taken steps to ensure that, under the law, data can only be shared for cybersecurity purposes. They have eliminated the government’s ability to surveil individuals or monitor crimes unrelated to cybersecurity. And they have included multiple, overlapping provisions to guard and respect individuals’ privacy and personal information.
CISA represents a workable bipartisan compromise among many stakeholders. It has earned the support of the US Chamber-led Protecting America’s Cyber Networks Coalition, which represents every segment of our economy—from transportation, manufacturing, and energy to communications, retail, and banking. It has the backing of the White House and high-level leadership at key federal agencies.
If the Senate follows in the House’s footsteps and votes to approve a good cyber bill this fall, we can send legislation to the president by the end of the year. But if we don’t finish the job soon—while support is strong and momentum is building—we will only make our nation more vulnerable to cyberattacks that hurt us all.
Thomas J. Donohue is the president and CEO of the US Chamber of Commerce.