Homeland Security gets behind cyber sharing bill

Homeland Security gets behind cyber sharing bill
© Greg Nash

Department of Homeland Security (DHS) Secretary Jeh Johnson has thrown his support behind controversial cybersecurity legislation under consideration in the Senate.

The Cybersecurity Information Sharing Act (CISA) would shield companies from legal liability when sharing cyber threat data with the government.

It faces opposition from a variety of privacy advocates and tech groups who say the bill would unnecessarily funnel personal information to the federal government and weaken security overall.

“Now is the opportunity for the Congress, in bipartisan fashion, to better protect the cybersecurity for the American people and their government; it is an opportunity we cannot afford to lose,” Johnson said in a statement late Thursday. “As currently written, I support this bill.”

Johnson’s announcement came less than an hour after the White House tendered its formal support for the legislation.

The Obama administration has been informally on board with CISA since August, when White House spokesman Eric Schultz called on the upper chamber to swiftly move the bill.

Johnson’s agency stands to have significant responsibility for any threat indicators shared with the federal government should the bill pass.

For many privacy and security opponents of the bill, the sticking point was what information would be shared and how.

A series of tweaks and alterations, many of which have been combined into a manager’s amendment package expected to pass next week, attempt to mitigate those concerns.

Under provisions in the package, shared data would be funneled through the DHS to be “scrubbed” of personally identifiable information.

The agency is seen as the best able to handle sensitive personal data. 

The White House on Thursday applauded the bill’s architects for naming DHS as the hub, warning that it would not support any exceptions.

An amendment from Sen. Tom CottonTom CottonGOP and Dems bitterly divided by immigration Grassley offers DACA fix tied to tough enforcement measures Five things senators should ask Tom Cotton if he’s nominated to lead the CIA MORE (R-Ark.) — not included in the manager’s amendment package — would also give companies liability protections when sharing data directly with the FBI and Secret Service.

“The administration will strongly oppose any amendments that would provide additional liability-protected sharing channels, including expanding any exceptions to the DHS portal,” the White House said.

The Senate will vote Tuesday on Cotton’s offering.

Johnson called the current version of the legislation “a good bill,” praising co-sponsors Sens. Dianne FeinsteinDianne Emiel FeinsteinGrassley blasts Democrats over unwillingness to probe Clinton Avalanche of Democratic senators say Franken should resign Blumenthal: ‘Credible case' of obstruction of justice can be made against Trump MORE (D-Calif.) and Richard BurrRichard Mauze BurrSessions argued presidents can obstruct justice in Clinton impeachment trial Trump Jr. to meet with Senate panel amid Russia probe Trump’s Russian winter grows colder with Flynn plea deal MORE (R-N.C.) for “taking on the complex subject of cybersecurity legislation [and] accounting for the numerous and varied interests.”

Johnson’s support for the cyber sharing bill was already well known. In September, he called on the Senate to pass CISA during remarks at The Commonwealth Club of California.

“There is an urgent and compelling need for cybersecurity legislation — to strengthen our ability to protect the American public, American businesses large and small, and the federal civilian .gov system,” Johnson said on Thursday.

Critics — including Sen. Ron WydenRonald (Ron) Lee WydenDemocratic senator predicts Franken will resign Thursday Avalanche of Democratic senators say Franken should resign Lobbying world MORE (D-Ore.) — say the bill wouldn’t have done anything to prevent the devastating hack of the Office of Personnel Management, which is often touted as a reason to pass the bill.

CISA is set for a final vote on Tuesday.