WASHINGTON (10/28/15)--The U.S. Senate passed the Cybersecurity Information Sharing Act (CISA) Tuesday afternoon by a vote of 74-21. The bill will now go into conference committee with the House.
Three amendments to the bill that were opposed by CUNA were left out of the final package. CUNA was also able to prevent the addition of an amendment in July that would have given supervisory authority over third-party vendors to the National Credit Union Administration.
CUNA supports CISA, but has told the Senate that its work must not stop there, urging further action by Congress to establish a strong national data security standard that aligns with the standards financial institutions are already subject to under the Gramm-Leach-Bliley Act.
A bill introduced by Sens. Tom Carper (D-Del.) and Roy Blunt (R-Mo.), the Data Security Act of 2015 (S. 961) has strong CUNA support. It would create a scalable data standard for entities handling sensitive information that is adaptable for entities of all sizes.
“By outlining a security process that is adaptable to future changes in technology, the Data Security Act would enable businesses of all sizes and complexity to better protect consumers from harm,” CUNA and its partners wrote to the Senate last week. “Importantly, S. 961 also recognizes that it is not productive to duplicate data protection and consumer notice requirements that are already in place for financial institutions under the Gramm-Leach-Bliley Act and subsequent regulations.”