The U.S. Senate Select Committee on Intelligence today passed the bipartisan Cybersecurity Information Sharing Act of 2014 by a vote of 12-3.
The bill includes an amendment by Sen. Mark R. Warner (D-VA) that would require the Intelligence Community to produce a comprehensive accounting of the threat from cyberattacks and cybercrime, how the United States can better share intelligence with partner nations, what new technologies could help, and the extent to which prompt reporting of data breaches can help combat this threat.
“I am pleased that the Senate Select Committee on Intelligence included my amendment in this bipartisan legislation,” Sen. Warner said. “Cyberattacks and cybercrime are a significant economic and national security threat to the United States, accounting for as much as $120 billion in economic and intellectual property losses each year. It is essential that we take meaningful steps now to defend against this threat and improve our capability to do so.”
“Cyber attacks present the greatest threat to our national and economic security today, and the magnitude of the threat is growing,” said Senate Intelligence Committee Chairman Dianne Feinstein (D-CA). “To strengthen our networks, the government and private sector need to share information about attacks they are facing and how best to defend against them. This bill provides for that sharing through a purely voluntary process and with significant measures to protect private information.”
Earlier this year, Sen. Warner chaired a Senate Banking subcommittee hearing on the recent massive credit and debit card security breaches impacting major retailers like Target and Neiman Marcus and millions of American consumers.He also successfully pushed retailers to establish an information sharing platform to better coordinate with law enforcement agencies and partners in the financial services sector to more efficiently combat cybersecurity threats, in the wake of the Target data breach.
Senator Warner’s amendment to the Cybersecurity Information Sharing Act requires the Director of National Intelligence, in coordination with the heads of other appropriate elements of the intelligence community to submit to Congress a report on cybersecurity threats, including cyberattacks, theft, and data breaches, including:
1) Which countries we currently share cyber threat intelligence with, and how these relationships might be improved;
2) The countries and non-state actors representing the greatest threat to the U.S., especially its security, economy and intellectual property;
3) An assessment of the extent to which U.S. response to cyber-attacks and data breach is hindered by a lack of prompt notification by private sector entities; and
4) The additional technologies or capabilities that would enhance our ability to prevent and respond to attacks, and whether there are any technologies from the private sector that could be rapidly fielded to enhance our capabilities.