Ride the Lightning

Senate Passes CISA 74-21

October 29, 2015

It figures. My Tuesday blog post was barely out predicting the passage of CISA before it happened. SC Magazine has the story describing how The Cyber Information Sharing Act (CISA) passed with an overwhelming majority of 74-21. Most of the privacy-related amendments were defeated.

I really wish my words had not been so prophetic. I share the disappointment of the Electronic Freedom Foundation, which posted that the bill is "fundamentally flawed due to its broad immunity clauses, vague definitions, and aggressive spying authorities."  So now the bill moves to a conference committee between the House and the Senate to determine the bill's final language despite its inability to address problems that caused recent highly publicized computer data breaches, problems like unencrypted files, poor computer architecture, failure to update and patch servers and software, and poorly trained or untrained employees opening phishing e-mail and clicking on malware links.

Computer security specialists opposed the bill as did academics, privacy organizations and major tech companies. So of course it received wide support in Congress which doesn't understand information security and which seems ready to toss aside privacy considerations.

Bad bill, unhappy ending for a serious problem that this bill has no prayer of addressing.

E-mail:    Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson