WASHINGTON, D.C. – U.S. Senator Angus King (I-Maine) released the following statement today after the Senate passed the Cybersecurity Information Sharing Act of 2015:

            “Today, the Senate took a significant step forward in bolstering our country’s cyber-defenses and giving businesses the tools they need to better protect themselves against cyber-attacks,” Senator King said. “Every day, thousands of cyber-criminals attempt to breach our digital defenses, threatening our national security and the stability of our economy. By strengthening collaboration between the public and private sector, and by improving information sharing practices, this bill helps shield us against those threats. More work needs to be done, but this is much-needed progress.”

Senator King has consistently called for the U.S. to shore up its cyber-defenses. In remarks delivered last week on the Senate floor, he discussed how recent cyber-attacks on government agencies and private companies have underscored the increased need for improved public-private cooperation to combat the growing threat.

Those threats led Senator King in August to co-host a cyber-security briefing with the Department of Homeland Security and Maine State Chamber of Commerce in Portland to inform local businesses about best practices that can help protect them from cyber-attacks. According to the Maine Credit Union League, data breaches over the past year have cost Maine credit unions approximately $2 million to replace debit and credit cards and an additional $500,000 to cover fraud. Furthermore, one Maine healthcare provider explained how it experiences thousands of attempts every day to steal confidential data. A 2014 report by McAfee and the Center for Strategic and International Studies (CSIS) found that the annual cost to the global economy from cyber-crime is more than $445 billion. The report also estimated that the impact of cyber-crime could translate into more than 200,000 jobs lost in the U.S.

The Cybersecurity Information Sharing Act of 2015 would improve U.S. cyber-security by encouraging better information-sharing practices between the government and the private sector. The bill authorizes private companies to share cyber threat information with one another and the U.S. government on a purely voluntary basis; authorizes companies to monitor their computer networks and implement defensive measures to counter threats; provides liability protection for the sharing of cyber information for cyber-security purposes; and provides protections to ensure that sharing of cyber information does not allow for privacy intrusions. Importantly, the bill protects personal privacy by requiring companies to remove personally identifiable information from cyber threat information before sharing, and it also makes sure the legislation is narrowly focused on cyber-security threats by limiting the government’s ability to use the information it receives.

###