How Is CISA Really Going To Affect Cybersecurity?

CISA Cybersecurity

Desperate times call for desperate measures, and it was only a matter of time before the U.S. government came up with a new federal law concerning cybersecurity, since the last one, the Cyber Intelligence Sharing and Protection Act, was defeated in the Senate in 2013. Last year was “the year of the breach”, which resulted in many cyber-attacks leading to the passing of a new federal law – the cybersecurity Information and Sharing Act.

This law is said to greatly improve cybersecurity in the United States, but it actually faces a lot of opponents due to its vagueness. It is definitely going to affect cybersecurity, but in what way? Read on to find out what this bill represents and how it actually affects cybersecurity in the U.S.

What Exactly Is CISA

CISA, or the Cybersecurity Information and Sharing Act, is a U.S. federal law that is meant to improve cybersecurity in the United States by allowing technology and manufacturing companies to share information about cybersecurity threats with the U.S. government. It is a way for every company to share “cyber threat indicators” with Government agencies and the Department of Homeland Security, in an attempt to fight hackers and prevent damage before it’s too late.

The collected data can be shared with any of the U.S. government agencies, including the NSA, the FBI, the CIA and many others. This bill protects companies from Freedom of Information Act requests by protecting them from any liability lawsuits for the harm done to their customers, due to the sharing of their private information, as long as they follow government guidelines.

data-issues

What Do the “Cyber Threat Indicators” Include?

According to CISA, “cyber threat indicators” represent any information that is necessary for identifying threats and they include the following: the consequences of a cyber-attack, “malicious resonance”, that is, any spy software that can steal your passwords, network activity that shows security Vulnerabilities, codes that can bypass your security measures, as well as “malicious cyber command and control” that can point to the source of the cyber-attack.

All of these indicators are pretty useful for fighting hackers and they show potential ways for improving cybersecurity. Another thing that this bill indicates is that companies can share any other information related to cybersecurity threats, unless it is not legal to share that information due to other laws. That is the vague and tricky part that makes everyone wonder whether this shared information will be misused.

Will CISA Leave Room for Privacy?

Apparently, the U.S. citizens can all say goodbye to privacy. That is the main reason why CISA has so many opponents, among which are some of the major technology companies, such as Microsoft, Apple, Google, Facebook, Twitter, Reddit, Wikipedia and many others. The greatest opponents include private companies that don’t engage in any nefarious activities and have literally no reason to be introspected and to provide the government with their customers’ private information.

CISA definitely leaves no room for privacy and, most importantly, it does very little to protect Americans from cyber-attacks. Instead, it greatly focuses on sharing Internet traffic and private information. Americans want real protection from hackers and cyber-attacks and all they got was a bill that threatens their privacy.

What concerns many people is the impact CISA may have internationally. The bill does not state that, of course, as it is designed only for the United States, but due to the fact that much of the world’s data flows through the U.S., American laws affect a much larger number of people than just those inside their borders. After all, the Internet is global.

That means that U.S. laws may not only apply to their citizens and that fact leaves the whole world in fear of their private information online, since CISA may give permissions for people who are not protected by U.S. laws. More importantly, this bill leaves many companies outside the U.S. very concerned about the privacy of their customers who happen to reside inside U.S. borders.

In a nutshell, the Cybersecurity Information and Sharing Act does not do much to improve cybersecurity, as it clearly should. Instead, it seems to be an effective way for the U.S. government to keep tabs on its citizens by having access to every private piece of information about them. Whether that changes eventually or not, only the future will tell.

By Pavle Dinic

Bill Talbot

How IT Operations Can Survive and Thrive in a Multi-cloud World

IT Operations Can Thrive in a Multi-cloud World IT operations teams are contending with the reality that growing volumes of workloads are running across multiple cloud services. While multi-cloud environments are growing ubiquitous, many IT ...
David Friend

Cloud 2.0 will not be Ushered in by AWS or other Cloud Giants

Cloud 2.0 Trends Amazon, Google, and Microsoft are all pursuing similar business strategies: they want it all. ‘It,’ in this case, means the entire IT infrastructure in their cloud. Furthermore, they want you to buy ...
David Gevorkian

Website Accessibility: Compliancy, Laws and Best Practices

Key to Making Your Website Accessible The internet has changed the education sector in so many ways. With e-learning, more people around the globe are able to access high-quality education and advance their careers. E-learning ...
Kayla Matthews

Higher-Ups More Likely to Break Policy, Data Breach Survey Finds

Data Protection Policies In an ideal scenario, the people at the highest levels of an organization would be the most likely to abide by data protection policies. Then, their positive behavior could set an excellent ...
Tej Redkar

How AI Monitoring Can Make Your Business Smarter and Better

Business AI Monitoring When issues arise with digital technology—as they invariably do—companies must have the ability to fix them before they create any business impact. These days, more and more companies are discovering that the ...
Ajay

Explainable Intelligence Part 1 – XAI, the third wave of AI

Explainable Intelligence Artificial Intelligence (AI) is democratized in our everyday life. Tractica forecasts the global artificial intelligence software market revenues will grow from around 9.5 billion US dollars in 2018 to an expected 118.6 billion by 2025 ...