Anna Forrester
Rolando Sanchez, a government contracting and cybersecurity attorney at Hollingsworth, has described his belief on how liability protections for the private sector in cyber information sharing can have certain limitations in several proposed bills.
Sanchez wrote in an opinion piece posted Monday for National Defense Magazine that cybersecurity bills in Congress and the defense authorization bill for 2016 point to exceptions such as “willful misconduct” and “gross negligence” in the part of the company sharing information.
“If [Cybersecurity Information Sharing Act] becomes law and gross negligence remains an exception to liability protection, companies will need to weigh the risk of legal actions and their related costs — such as discovery and investigations — against the risk of not sharing information,” he says.
He believes that the effectiveness of liability protections to encourage private companies to share potentially sensitive information to government may be affected if language on the exception is maintained in CISA.
