Right on the nose – “[n]ot later than 60 days after the date of the enactment of [the Cybersecurity Information Sharing Act of 2015]” – federal agencies made good on their direction in the Cybersecurity Information Sharing Act of 2015 (“CISA”), releasing guidance regarding sharing cyber threat indicators with the federal government. The Director of National Intelligence, the Secretary of Homeland Security, the Secretary of Defense, and the Attorney General, in consultation with the heads of the appropriate federal entities, were tasked with developing procedures to facilitate and promote cybersecurity information sharing under CISA, which was signed into law on December 18, 2015.

The four guidance documents are the first steps towards implementation of CISA.

Companies that follow these guidelines can expect some level of liability protection. Next on this blog’s radar is the looming 90-day deadline for the Department of Health and Human Services to convene a task force to address cybersecurity issues unique to the health care industry.