Security Experts:

Connect with us

Hi, what are you looking for?


Malware & Threats

Lawmakers Want to Improve Cybersecurity Info Sharing Between DHS, Congress

Senators last week introduced a bill whose goal is to improve the sharing of cybersecurity information between the Department of Homeland Security and Congress.

Senators last week introduced a bill whose goal is to improve the sharing of cybersecurity information between the Department of Homeland Security and Congress.

The Intragovernmental Cybersecurity Information Sharing Act was introduced by senators Rob Portman (R-OH), Amy Klobuchar (D-MN), Roy Blunt (R-MO) and Gary Peters (D-MI).

The lawmakers are displeased with the “lengthy delays” in Congress cybersecurity staff getting information from the government’s executive branch.

The goal of the new legislation is to ensure that actionable cybersecurity information from the DHS is directly and quickly sent to the Sergeant at Arms of the Senate and the Chief Administrative Officer of the House of Representatives.

“Cybersecurity threats against our government require a timely, coordinated response. Yet too often a lack of communication between the Department of Homeland Security and Congress leaves us vulnerable to damaging cyberattacks,” Klobuchar said. “This bipartisan legislation will better protect us against cyberattacks by requiring the Department of Homeland Security to increase cybersecurity information sharing with Congress.”

“Our cyber adversaries move quickly and do not distinguish between branches of government—we need a unified and coordinated defense,” said Portman.

The lawmakers cite the threat posed by Russian state-sponsored cyber actors to highlight the need for such legislation.

The US government has issued several warnings regarding Russian cyber threats since the escalation of the conflict between Russia and Ukraine.

Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) released guidance for sharing information about cyber incidents and other activity with the agency. The one-page document outlines the types of information that organizations in the critical infrastructure and government sectors should share in case they observe unauthorized access, DoS attacks, malicious code, repeated scans for exposed services, phishing, and ransomware attacks.

Related: Cyber Incident Disclosure Bill Passes in Senate Amid Fears of Russian Attacks

Related: CISA Warns Critical Infrastructure Organizations of Foreign Influence Operations

Related: Experts Analyze Proposed Bill Allowing Private Entities to ‘Hack Back’

Related: House Passes Several Critical Infrastructure Cybersecurity Bills

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.