Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Cyberthreat sharing law expires as government shuts down

The 2015 law’s expiration ends liability protections that enabled a decade of cyber threat information sharing between government and private sector, raising risks of reduced collaboration.

  • On Wednesday, the Cybersecurity Information Sharing Act of 2015 expired after its 10-year lifespan, ending a federal program that encouraged companies to share cyber threat data with government agencies.
  • Congress failed to reauthorize the law after months of debate despite hearings and letters urging extension, while Senate Homeland Security Committee Chair Rand Paul, R-Ky., blocked renewal over misinformation limits and the House of Representatives’ funding bill stalled amid spending disputes.
  • With 65% of its staff furloughed, CISA insiders say the Cybersecurity and Infrastructure Security Agency operates with around 900 employees, stretched by a mass extortion campaign and a Red Hat breach.
  • Companies now face reduced legal protections for sharing threat data, and the Cybersecurity and Infrastructure Security Agency said the lapse `deals "a serious blow"` to U.S. cyberdefenses.
  • Reduced federal IT professionals face brain drain and vendor pullbacks, risking delays in modernization projects, although most expect Congress to extend or reauthorize the law.
Insights by Ground AI

10 Articles

ForbesForbes
Center

Government Shutdown Leaves US Cyber Defenses Weaker, Insiders Say

Already understaffed and now further diminished, the Cybersecurity and Infrastructure Security Agency is scrambling to investigate a spate of cyber attacks. The lapse of the Cybersecurity Information Sharing Act has made it even harder.

·United States
Read Full Article
NextgovNextgov
Center

Attorneys scramble to advise clients after lapse of key cyber info-sharing law

Organizations may lean on contract arrangements to facilitate data-sharing channels previously enabled by the now-expired regulation, a former U.S. offi...

Read Full Article
The HillThe Hill
Center

Cyberthreat sharing law expires as government shuts down

A law allowing private companies to share information about cybersecurity threats with the government expired Wednesday after Congress failed to reauthorize the legislation amid a wider shutdown fight.  The Cybersecurity and Information Sharing Act (CISA) of 2015, which initially appeared poised to be extended as part of a temporary stopgap measure, lapsed as lawmakers failed…

·Washington, United States
Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

Landmark US cyber-information-sharing program expires, bringing uncertainty

Without legal protections, companies might stop reporting information about cybersecurity threats.

Read Full Article
eSecurityPlaneteSecurityPlanet

CISA 2015 Lapse Leaves US Cybersecurity Exposed

The expiration of the Cybersecurity Information Sharing Act of 2015 (CISA 2015) during the US government shutdown has left the nation’s cyber defenses exposed.  Without this law, companies lose liability protections for sharing threat intelligence, creating a chilling effect on the flow of critical information.  “Now, the private sector is going to be very reluctant to tell anybody what happens to them,” Mike Hamilton, field CISO of Lumifi Cyber…

Read Full Article
Data Protection ReportData Protection Report

CISA 2015 sunsets: Cyber Threat sharing without a net?

The Cybersecurity Information Sharing Act of 2015 (CISA 2015) expired on September 30, 2025, after Congress missed the reauthorization deadline. That lapse removes the decade-old legal framework that encouraged and protected cyber threat information sharing among companies, Information Sharing and Analysis Organizations and Centers (ISAOs/ISACs), and the federal government. In practical terms, the lapse of CISA 2015 removes statutory protections…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Cybersecurity Dive broke the news in on Wednesday, October 1, 2025.
Sources are mostly out of (0)

Similar News Topics

Government Shutdown icon

Government Shutdown

CISA icon

CISA

Regulation icon

Regulation

Shutdown icon

Shutdown

United States icon

United States

News
For You
SearchBlindspotLocal