Houston commercial litigator Mark Thibodeaux, Deputy Practice Leader of Sutherland’s Cybersecurity and Privacy team, recently co-authored a two-part Law360 series examining the federal guidance and questions that remain about the full scope of the benefits from the Cybersecurity Information Sharing Act of 2015.
The information-sharing system has been praised by many companies that recognize it “can be used to monitor or operate defensive measures and combat cyberthreats,” Thibodeaux and his colleagues write in Part I. “There are also benefits to providing information. Many companies are facing similar cyberthreats and in many cases are facing the same attackers.”
Among the points made in the article, headlined “Information Sharing Under CISA: What It Means For Companies,” is the observation that liability protection may be “one of the most important incentives for companies to consider … but may not be the shield that many think it is.”
Part II in the series, headlined “Information Sharing Under CISA: How DHS Guidance Helps,” examines the recent guidance provided by the Department of Homeland Security. The DHS identifies the government processes that encourage information sharing and the steps companies should take to benefit from CISA.
Ultimately, the authors conclude, CISA provides a framework for companies to consider whether information sharing is right for them.
Co-authors of the series with Mr. Thibodeaux are Washington Partner Daniel Frank, who advises clients on cybersecurity and regulatory matters, and Washington Associate Allison Speaker, who assists on cybersecurity matters and advises on energy regulatory matters.
Tags: cybersecurity, data privacy
