WASHINGTON, D.C.—The Cybersecurity Information Sharing Act of 2015, which passed the Senate this afternoon with strong bipartisan support (74-21), included all five key steps of the bipartisan Collins-Warner bill, introduced by Senators Susan Collins (R-ME) and Mark Warner (D-VA) in June of 2015 following the cyber attack at OPM. The Collins-Warner bill bolsters the Department of Homeland Security’s (DHS) authority to protect federal civilian networks. Senators Collins and Warner are both members of the Senate Select Committee on Intelligence.
“The cyber attack at OPM exposed the glaring vulnerabilities of our federal cybersecurity system and is a reminder that we are in the midst of a cyber-war. As our adversaries continue to increasingly turn to the cyber realm, it is past time to make sure our critically important government systems, and the information they hold, are properly protected and secured,” said Senator Collins. “I am very pleased the Cyber Information Sharing Act of 2015, which passed the Senate this afternoon with strong bipartisan support, included the five critical steps in the Collins-Warner bill that would help ensure that DHS is able to properly defend the .gov domain from cyberattacks like the ones we saw at OPM.”
“The attack on OPM has been a painful example of how behind-the-curve many federal agencies have become when it comes to effective cybersecurity,” Senator Warner said. “These breaches allowed cyber attackers to access personal information of more than 22 million federal employees and others. If we want to be better prepared to meet this threat in the future, we have to make sure that the Department of Homeland Security has the tools it needs to adequately secure our federal civilian networks. This bipartisan amendment empowers DHS to deploy effective tools to better ensure that government agencies are properly protected.”
The five important steps from the Collins-Warner bill included in the Cybersecurity Information Sharing Act of 2015 include:
- Legislation that would allow the Secretary of Homeland Security to operate intrusion detection and prevention capabilities on all federal agencies on the .gov domain.
- Legislation that permits the Secretary of Homeland Security to conduct risk assessments of any network within the government domain.
- Legislation that allows the Secretary of Homeland Security to operate defensive countermeasures on these networks once a cyber threat has been detected.
- Legislation to strengthen and streamline the authority Congress gave to DHS last year to issue binding operational directives to federal agencies, especially to respond to substantial cyber security threats in emergency circumstances.
- Legislation that requires the Office of Management and Budget to report to Congress annually on the extent to which OMB has exercised its existing authority to enforce government wide cyber security standards.
The Collins-Warner bill was introduced on July 22, 2015 and was cosponsored by Barbara Mikulski (D-MD), Dan Coats (R-IN), Kelly Ayotte (R-NH) and Claire McCaskill (D-MO). Following the bill’s introduction, the key elements of the Collins-Warner bill were incorporated into an amendment filed by Senator Tom Carper (D-Delaware).