Members of the House Permanent Select Committee on Intelligence are considering changes to the processes for information sharing between national security agencies and cyber firms.
The lawmakers met privately last week to discuss new policy with officials from the FBI, the National Security Agency, the Department of Justice and the Cybersecurity and Infrastructure Security Agency.
The meeting focused on the Cybersecurity Information Sharing Act of 2015, which developed a framework for the private sector and federal, state, and local governments to share cyber threat data. Provisions of the law are set to expire at the end of September.
House Intelligence Committee Chairman Rick Crawford, Arkansas Republican, said adversaries’ spying and attack capabilities have rapidly advanced since 2015 — but so has America’s info-sharing operations.
“Ten years in cybersecurity advancement is an eternity, during which a lot changes, including the threat landscape,” Mr. Crawford said in a statement. “As we review proposals to reauthorize CISA 2015, we will continue to conduct oversight over the intelligence community’s collection, analysis, and dissemination efforts to ensure cyber threat indicators are shared in real-time with state, local, private sector, and international partners.”
Rep. Jim Himes of Connecticut, the committee’s ranking Democrat, said the private meeting was crucial to understanding how public-private collaborations happen now as lawmakers study reauthorizing the law.
“As the United States adapts to defend against increasingly sophisticated actors, we must ensure that cyber threat information is shared as efficiently as possible across private and public entities,” Mr. Himes said in a statement.
The House Intelligence Committee is planning more briefings and hearings on the info-sharing policies to learn if it is working the right way before determining what to do ahead of the law’s September expiration.
