US Congress lets CISA 2015 lapse
Public Sector Action
Summary
Hide ▲
Show ▼
US Congress let CISA 2015 lapse, ending liability protections for companies that share cyber threat intelligence and creating new risk around AIS participation. The expiration leaves businesses exposed to potential lawsuits and could slow threat-data sharing that helps defend against cyber-attacks. Renewing the law remains uncertain after the funding standoff.
Related Happenings
Section 702 reauthorization and privacy limits debate
Regulatory/Legal (General)
First: 15.04.2026 13:25
Last: 15.04.2026 13:25
Sources 1
About this happening:
Congress is set to debate **Section 702** reauthorization as the surveillance authority nears expiration, a move that could reshape U.S. access to overseas communications and inci...
Section 702 reauthorization and privacy limits debate
Regulatory/Legal (General)About this happening: Congress is set to debate **Section 702** reauthorization as the surveillance authority nears expiration, a move that could reshape U.S. access to overseas communications and inci...
Public Bill Committee scrutiny of the Cyber Security and Resilience Bill
Public Sector Action
First: 13.01.2026 13:30
Last: 13.01.2026 13:30
Sources 1
About this happening:
The **Public Bill Committee** has opened scrutiny of the **Cyber Security and Resilience Bill (CSRB)** by asking industry for written views, giving **UK critical infrastructure se...
Public Bill Committee scrutiny of the Cyber Security and Resilience Bill
Public Sector ActionAbout this happening: The **Public Bill Committee** has opened scrutiny of the **Cyber Security and Resilience Bill (CSRB)** by asking industry for written views, giving **UK critical infrastructure se...
US Senate short-term extension of CISA 2015
Public Sector Action
First: 18.11.2025 18:30
Last: 18.11.2025 18:30
Sources 1
About this happening:
The **US Senate** extended **CISA 2015** through **January 30, 2026**, preserving liability protections for organizations that share **cyber threat intelligence**. The stopgap kee...
US Senate short-term extension of CISA 2015
Public Sector ActionAbout this happening: The **US Senate** extended **CISA 2015** through **January 30, 2026**, preserving liability protections for organizations that share **cyber threat intelligence**. The stopgap kee...
Timeline
-
02.10.2025 13:45 2 articles · 7mo ago
CISA 2015 expires after Congress misses deadline
Legal Policy Action UpdateCISA 2015 expires on September 30, 2025 after US Congress fails to extend the statute, ending the liability protections for companies that share cyber threat intelligence through the Automated Indicator Sharing Program (AIS) and exposing those businesses to potential lawsuits.
Show sources
- Expired US Cyber Law Puts Data Sharing and Threat Response at Risk — www.infosecurity-magazine.com — 02.10.2025 13:45
- Expired US Cyber Law Puts Data Sharing and Threat Response at Risk — www.infosecurity-magazine.com — 02.10.2025 13:45
-
02.10.2025 13:45 1 articles · 7mo ago
Industry warns CISA 2015 lapse may chill threat sharing
Victim Impact UpdateSecurity leaders from ReversingLabs, BreachRx, and Drata warn that the CISA 2015 lapse could push companies to reduce or pause cyber threat sharing, create blind spots in cyber defense, raise software supply chain risk, and slow AI security development until Congress restores the liability protections.
Show sources
- Expired US Cyber Law Puts Data Sharing and Threat Response at Risk — www.infosecurity-magazine.com — 02.10.2025 13:45