Atlantic Council
Cybersecurity is a team sport , yet small and medium-sized businesses (SMBs) have spent years on the sidelines, despite being the targets of an estimated 43 percent of cyberattacks in the United States. As Congress discusses renewing the United States’ cybersecurity information-sharing framework, it’s time to finally welcome SMBs into the cybersecurity community.
On September 30, the framework for sharing important cybersecurity information between government and industry, the Cybersecurity Information Sharing Act of 2015 (CISA 2015), will expire unless Congress acts. This law—distinct from the similarly named Cybersecurity and Infrastructure Security Agency (also CISA)—provides essential legal protections that allow private companies to share cyber threat information among themselv