On Thursday, April 26, the United States House of Representatives passed the proposed bill referred to as the Cyber Intelligence Sharing and Protection Act (H.R 3523). The intended purpose of the bill, commonly known as CISPA, is to encourage entities to share more useful and timely cyber security-related information with the Federal government. While I am pleased to see the House has taken a step forward to improve cybersecurity, one should remember there are many aspects of cybersecurity — this bill addresses only one.
Some politicians and groups such as the American Civil Liberties Union (ACLU), Electronic Frontier Foundation (EFF) and Center for Democracy and Technology (CDT) have expressed concern for parts of this bill’s language as it affects civil liberties and the sharing of personal information with the government. Among these concerns is the language being too broad as it pertains to defining security-related information and what constitutes cybersecurity.
To protect the nation, its businesses and, most importantly, its citizens, we must find a way to share appropriate security-related information bi-directionally between the government and the private sector. In addition, our laws and regulations must be updated to reflect this two-way communication while we work toward improving data security, increasing awareness and enhancing cybersecurity. This is an issue affecting everyone and the House has taken a much-needed step forward, but the Senate must work to ensure the protection of citizens’ privacy and civil liberties.
There is no silver bullet to address cybersecurity. The government and private sector must constantly work together to address the security of the nation’s IT infrastructure and close the gap between our current cybersecurity preparedness and the state necessary to ensure security. The right balance between cybersecurity and privacy must be struck. While this is similar to threading a needle, a concerted, bi-partisan effort must be made. With input from the private sector, advocacy groups and the Senate, CISPA could help address one element of cybersecurity.