What does this cover?

The controversial Cybersecurity Information Sharing Act (CISA) has been passed by the Senate 74-21. The next stage of the legislative process involves the reconciliation of the CISA with similar legislation that passed by the House of Representatives earlier this year.

The Senate's support for CISA shows an inclination to tighten security following the infamous security incidents of recent years.

CISA aims to promote the exchange of cyber threat information between private entities, as well as between these entities and the government. Entities sharing information under CISA are protected from liability stemming from actions carried out under its remit. This has raised issues for those in opposition to the CISA who argue that it removes basic privacy rights of the individual as they are unable to opt out of monitoring activities under it. In addition certain information is entitled to be shared with other enforcement agencies.

The text of the CISA is available here.

What action could be taken to manage risks that may arise from this development?

For information only at this stage. Financial services companies should continue to monitor developments in this area.

Financial services companies should continue to monitor developments in this area.

Submitted by José Luis Arce Fernández and Rodrigo Fernández-Guerra of DAC Beachcroft – Mexico City, Mexico in partnership with DAC Beachcroft.