The US Cybersecurity Information Sharing Act (CISA), the landmark piece of legislation that encourages companies to share threat information, expired on Wednesday amid a wider US Government shutdown.
CISA 2015 guaranteed liability and antitrust protections for companies sharing cyber threat data with government agencies or peers.
Companies can still share information with the government, but will no longer have these antitrust and liability protections.
This could make companies less likely to share critical threat intelligence.
Widely seen as a success, CISA 2015 enabled cross-sector collaboration that helped track ransomware campaigns, supply chain breaches, and emerging vulnerabilities
The law was passed for a ten-year-term, which came to an end on October 1, 2025.
Ahead of the expiration, a coalition of industry experts warned that without CISA 2015 in place, “the U.S. will face a more complex and dangerous security environment. Sharing information about cyber threats and incidents makes it harder for attackers because defenders learn what to watch for and prioritize.”
Meanwhile, CISA itself is reportedly operating with reduced staff during the shutdown — just as the country’s most important cyber defense law has gone dark.
Most experts expect Congress will eventually reauthorize the law retroactively — but the timing is uncertain, leaving a dangerous gap at a time of escalating cyberattacks.
The big question is how long the political quagmire will last, and what impact this could have on the industry.
Sen. Gary Peters (D-Mich.) warned: “If we don’t extend these critical authorities, we will lose one of our most effective defenses against cyberattacks, as our adversaries’ attacks continue to grow more aggressive and more sophisticated.”
Some have suggested this could be a moment to improve and modernize the law to focus on more enriched cyber threat intelligence.
“Without trusted, legally protected sharing, we risk losing the cross-sector visibility needed to spot campaigns before they spread. Even if Congress acts later, today’s uncertainty is already forcing organizations to rethink sharing workflows. For now, companies should keep sharing, but with tighter legal review, clear consent language, and contingency plans for slower reciprocity,” said Allison Reed Morgan, Former Director of Critical Infrastructure, National Security Council for the White House.
“Congress has the chance not only to reauthorize but to modernize, shifting from static IoC feeds to behavioral signals and enriched, reciprocal intelligence built for rapidly evolving threats.”
Several security companies have committed to keep sharing cyber threat intelligence, despite the shutdown.
“CISA 2015’s cyber info sharing protections have temporarily ended, but the criticality of cyber threat intel sharing remains,” said Cynthia Kaiser, Former FBI Cyber Executive and Managing Director, Halcyon Ransomware Research Center. “The spirit of CISA is clear: collaboration makes us all safer. That’s a principle we’ll continue to uphold. We encourage our peers across industry do the same.”
The bottom line: The imperative of cyber threat sharing remains. The question is whether political delays will weaken trust before Congress acts, or whether industry solidarity can hold the line.
Read more
