Homeland Security gets behind cyber sharing bill

Homeland Security gets behind cyber sharing bill
© Greg Nash

Department of Homeland Security (DHS) Secretary Jeh Johnson has thrown his support behind controversial cybersecurity legislation under consideration in the Senate.

The Cybersecurity Information Sharing Act (CISA) would shield companies from legal liability when sharing cyber threat data with the government.

It faces opposition from a variety of privacy advocates and tech groups who say the bill would unnecessarily funnel personal information to the federal government and weaken security overall.

“Now is the opportunity for the Congress, in bipartisan fashion, to better protect the cybersecurity for the American people and their government; it is an opportunity we cannot afford to lose,” Johnson said in a statement late Thursday. “As currently written, I support this bill.”

Johnson’s announcement came less than an hour after the White House tendered its formal support for the legislation.

The Obama administration has been informally on board with CISA since August, when White House spokesman Eric Schultz called on the upper chamber to swiftly move the bill.

Johnson’s agency stands to have significant responsibility for any threat indicators shared with the federal government should the bill pass.

For many privacy and security opponents of the bill, the sticking point was what information would be shared and how.

A series of tweaks and alterations, many of which have been combined into a manager’s amendment package expected to pass next week, attempt to mitigate those concerns.

Under provisions in the package, shared data would be funneled through the DHS to be “scrubbed” of personally identifiable information.

The agency is seen as the best able to handle sensitive personal data. 

The White House on Thursday applauded the bill’s architects for naming DHS as the hub, warning that it would not support any exceptions.

An amendment from Sen. Tom CottonThomas (Tom) Bryant CottonOvernight Defense: Fallout from tense NATO summit | Senators push to block ZTE deal in defense bill | Blackwater founder makes new pitch for mercenaries to run Afghan war Hillicon Valley: DOJ appeals AT&T-Time Warner ruling | FBI agent testifies in heated hearing | Uproar after FCC changes rules on consumer complaints | Broadcom makes bid for another US company | Facebook under fire over conspiracy sites Hillicon Valley: Justice Department appeals AT&T-Time Warner ruling | New report on election security | FBI agent testifies in marathon hearing MORE (R-Ark.) — not included in the manager’s amendment package — would also give companies liability protections when sharing data directly with the FBI and Secret Service.

“The administration will strongly oppose any amendments that would provide additional liability-protected sharing channels, including expanding any exceptions to the DHS portal,” the White House said.

The Senate will vote Tuesday on Cotton’s offering.

Johnson called the current version of the legislation “a good bill,” praising co-sponsors Sens. Dianne FeinsteinDianne Emiel FeinsteinThe Hill's Morning Report — Trump, Putin meet under cloud of Mueller’s Russia indictments Dems launch pressure campaign over migrant families California Dems endorse progressive challenger over Feinstein MORE (D-Calif.) and Richard BurrRichard Mauze BurrGOP lambasts Trump over performance in Helsinki GOP Intel chairman: Trump should recognize Putin lies The Hill's Morning Report — Sponsored by Better Medicare Alliance — Trump seeks `home run’ candidate to succeed Justice Kennedy MORE (R-N.C.) for “taking on the complex subject of cybersecurity legislation [and] accounting for the numerous and varied interests.”

Johnson’s support for the cyber sharing bill was already well known. In September, he called on the Senate to pass CISA during remarks at The Commonwealth Club of California.

“There is an urgent and compelling need for cybersecurity legislation — to strengthen our ability to protect the American public, American businesses large and small, and the federal civilian .gov system,” Johnson said on Thursday.

Critics — including Sen. Ron WydenRonald (Ron) Lee WydenSenate panel to vote Thursday on Trump's pick to lead IRS On The Money: US files complaints at WTO | House leaders get deal to boost biz investment | Mnuchin says US will consider Iran sanctions waivers | FCC deals blow to Sinclair-Tribune merger Senate GOP poised to break record on Trump's court picks MORE (D-Ore.) — say the bill wouldn’t have done anything to prevent the devastating hack of the Office of Personnel Management, which is often touted as a reason to pass the bill.

CISA is set for a final vote on Tuesday.