WASHINGTON-In response to Congress announcing funding legislation that extends the Cybersecurity Information Sharing Act of 2015 (CISA 2015) through the end of Fiscal Year 2026, the Information Technology and Innovation Foundation (ITIF), the leading think tank for science and technology policy, issued the following statement from Research Assistant David Kertai:

Congress' extension of CISA 2015 is a positive step toward sustaining public-private coordination on cybersecurity.However, because it runs only through the end of Fiscal Year 2026, it offers only temporary relief, creating recurring uncertainty for government agencies and private companies as cyber threats grow in volume and complexity.To ensure effective, long-term collaboration with the private sector, Congress should adopt a multi-year extension that maintains liability protections for information sharing and supports sharing threat information, incidents, and best practices. Lawmakers should also shield CISA 2015 from disruptions caused by future federal shutdowns, which undermine the law's effectiveness and create vulnerabilities that attackers can exploit.Protecting the nation's digital infrastructure requires continuity, not temporary fixes, and strengthening the longevity of CISA 2015 is essential to achieving that goal.

Contact: Nicole Hinojosa, [email protected]