The Cybersecurity Act of 2015 was included in the massive Consolidated Appropriations Act signed into law in late last year.
While the law does not require the private sector to share information with the federal government, it does give private groups protection if they do share. It establishes a National Cybersecurity and Communications Integration Center through which the private sector may provide information to the Department of Homeland Security. Upon sharing information, the entity will receive liability protection in U.S. courts. The law also prohibits the government from using shared threat information for regulatory or enforcement actions.
This law is intended to increase communication about cyber security threats between the private sector and the U.S. government. It also confirms the Department of Homeland Security’s role in the cyber protection process.
