S.754 Cybersecurity Information Sharing Act 2015
Cyber security has been a concern for the department of homeland security. In October 2015, the Congress to up the initiative of passing a bill that would govern this issue. The individual bill obliges the National Intelligence Director, the Departments of Homeland Security, Defense as well as Justice to come up with procedures that facilitate sharing of cyber security threat intelligence with nonfederal government agencies, private entities, local governments, tribal states as well as the public and entities faced with threats.
In the process of detecting, preventing, or mitigating cyber security threats or other vulnerabilities, the bill allows private entities to have the power to monitor and even operate defensive initiatives on their individual information system and through written consent, the information systems of other private as well as government entities. In this bill, Liability protections are given to entities which willfully share and receive get cyber threat indicators as well as defensive initiatives with other entities as well as government (The United States, 2015). This bill also provides for sharing the process to be developed within the DHS for the federal government to get indicators as well as defensive measures shared by any entity and ensure that right federal entities get shared indicators in an automatic, real-time way. This bill limited the purposes for which the government can use the shared information to particular cyber security purposes as well as responses to adverse or serious threats to minor ones. The offenses that can attract prosecution with such information remain restricted to fraud and identity theft, trade secrets, censorship, espionage, or a serious threat of death, bodily harm, or economic harm such as terrorist act or using a weapon of mass destruction. In this bill, the DHS must deploy a system that detects cyber security risks in network traffic transiting or traveling to or from an agency information system and prevent or modify the traffic to eliminate cyber security risks. In the bill, the DHS Secretary can issue emergency directives to agencies in response to a substantial information security threat, vulnerability as well as an incident or authorize intrusion detection as well as prevention capabilities to secure agency information systems in during imminent threat. On the other hand, Federal agencies must always identify and mitigate skill shortages in federal workforce positions demanding the performance of cyber security functions.
The State Department must develop a diplomacy strategy to obtain agreements on international behavior in cyberspace and consult with countries regarding the prosecution and prevention of cyber or intellectual property crimes (The United States, 2015). This bill provided for the establishment of the National Cybersecurity and Communications Integration Center for statewide interoperability coordinators to report risks or incidents related to networks used by emergency responders. The bill also provided for the Department of Health and Human Services to convene a task force to plan one system for the national government to share intelligence on cyber security threats to the health industry and recommend protections for networked medical devices as well as electronic health records.
The bill also obliged the DHS to develop a strategy that ensures that cyber incidents that affect critical infrastructure entities do not result in disaster or national effects on health or safety, economic security and national security. This bill also bill allowed criminal penalties on fraud that involve account access devices to get imposed irrespective of underlying articles, proceeds or property held within, or transferred in federal jurisdiction.
The United States (2015): Cybersecurity Information Sharing Act of 2015: Report together with additional views (to accompany S. 754).