CISA 2015 has become integral to the United States' cybersecurity framework, facilitating effective communication of threat intelligence between the government and private sector without additional regulations. Its expiration could lead to increased cyberattacks that primarily threaten small and medium-sized businesses, which lack the financial stability to absorb losses from attacks. Recent studies indicate that these businesses suffer significant financial impacts due to ransomware, with average costs around $432,000 per incident. The law also provides protections that incentivize businesses to share information crucial for enhancing security measures.
The Cybersecurity Information Sharing Act of 2015 (CISA 2015) has quietly become the backbone of our nation's cyber defense. Without creating any additional regulations, it enabled the rapid sharing of threat intelligence between government and businesses that has prevented countless cyber attacks over the past decade. Its potential sunset threatens to unleash a wave of cyberattacks that will devastate the small and medium-sized businesses (SMBs) that form a foundational part of our economy.
The law provides crucial liability protections that encourage companies to share threat indicators with the government and each other, while offering antitrust protection for industry-to-industry collaboration.
Recent data from NetDiligence's 2024 Cyber Claims Study shows that ransomware cost SMBs an average of $432,000 per attack. These businesses don't have the cash reserves to weather extended downtime.
According to industry analysis, small and medium enterprises represent 98% of cyber insurance claims while accounting for $1.9 billion in total losses, underscoring their vulnerability in today's threat landscape.
Collection
[
|
...
]