Ahead of the Senate’s first 2015 hearing on cybersecurity information sharing, a broad coalition of industry groups pressed the chamber to finally pass a bill on the topic.
“Our organizations, which represent nearly every sector of the American economy, strongly urge the Senate to quickly pass a cybersecurity information-sharing bill,” their letter said.
Industry groups and intelligence officials have argued such a bill is essential to improve the country’s cyber defenses. Privacy advocates have cautioned such a move could allow the government to collect more personal information on Americans.
The Senate Homeland Security and Governmental Affairs Committee will restart the debate with a hearing Wednesday afternoon.
“Congressional action cannot come soon enough,” the letter said.
During the 2014 lame-duck session, Congress nearly passed a bill that would give legal protections to companies sharing cyber threat indicators with government agencies.
“Above all, we need Congress to send a bill to the president that gives businesses legal certainty that they have safe harbor against frivolous lawsuits when voluntarily sharing and receiving threat indicators and countermeasures in real time and taking actions to mitigate cyberattacks,” the coalition said.
A wide array of industries were represented in the letter: agriculture, finance, petroleum, insurance, telecom, railroad and healthcare to name a few. In total, 35 industry groups signed the letter.
While the White House, Republicans and Democrats all support a cyber information-sharing bill, they disagree on many of the specifics.
Last Congress, top Democratic senators joined Republicans to try and push a bill that would enable the private sector to share cybersecurity information directly with the National Security Agency (NSA). Industry groups widely supported the bill, known as the Cybersecurity Information Sharing Act (CISA). But it ultimately died because of privacy concerns and an inability to first pass a measure to reform the NSA’s surveillance authority.
In Tuesday’s letter, the industry coalition called CISA “smart and workable,” reflecting “practical compromises among many stakeholders” on issues such as privacy.
In recent weeks, the White House also dropped its own offering that would put the Department of Homeland Security (DHS) at the center of the cyber info exchange between the public and private sector. Privacy advocates called it a step in the right direction, but not good enough.