Legislative Activity

Senate Action on Information Sharing Legislation Unclear

Prior to the Memorial Day recess, the Senate was unable to complete its work on its surveillance reform legislation to reauthorize the PATRIOT Act and plans to readdress the issue when the chamber returns this week. Given the debate over the PATRIOT Act and the privacy concerns that have held up its movement in the Senate, cyber stakeholders have expressed concerns that the lack of consensus on surveillance reform could create problems for moving an information sharing bill to the Senate floor this year.

Despite these concerns, several Members of Congress have indicated their optimism that the Senate will take up the Cybersecurity Information Sharing Act (S. 754) at some point this summer. The House has already passed two information sharing bills though it is unlikely that the Senate will choose to take up the bills that were combined after their passage in the House.

Executive Branch Activity

DHS Issues Notice of Funding Opportunity for ISAO Standards Organization

Last week, the U.S. Department of Homeland Security (DHS) issued a Notice of Funding Opportunity (NOFO) for a Standards Organization to oversee and coordinate the guidelines for the creation and operation of Information Sharing and Analysis Organizations (ISAO) under President Obama’s February 2015 Executive Order (EO). The EO called on DHS to designate an organization that would create a set of standards for organizations that are interested in sharing cyber threat information through ISAOs. The NOFO states that DHS intends to award $2.2 million in FY 2015 to the organization that is chosen as the ISAO standards organization and will also award up to $11 million over five years.

Letters of intent are due on June 15 and final applications must be submitted to DHS by July 17. DHS plans to make its selection by July 31 and will officially award the funding for the selected organization by August 10.

DHS also issued a Request for Public Comment on the formation of ISAOs for cybersecurity information sharing. This request for comments also was part of the President’s February 2015 EO. Comments are due on July 10.