Cybersecurity Law Expires: Risks and What’s Next

Here’s a breakdown of the key‌ arguments presented⁤ in the​ text, focusing on the importance of reauthorizing CISA 2015:

1. Human Cost ​of Ransomware:

lives are at ⁣Risk: ⁤Ransomware attacks on hospitals have directly contributed to patient deaths (estimated⁣ 42-67 medicare patients between 2016-2021).Hospitals are targeted because they are likely to pay ransoms quickly to protect patients.
Time Sensitivity: In medical emergencies, even minutes of delay‍ due to system outages can be fatal.

2. Importance of Details Sharing (CISA 2015’s Role):

Early Warnings: CISA 2015 facilitates crucial information sharing about ransomware variants and attack methods. Its sunset would likely degrade⁣ this sharing, leaving organizations vulnerable.
Critical Infrastructure ⁢Protection: The loss of information sharing would impact not just hospitals, but all ​ critical infrastructure.

3. Economic Impact:

Small Businesses at Risk: Small and medium-sized businesses (SMBs) are the backbone of ⁤the US ‍economy⁤ (99% of businesses,nearly half the workforce,43.5% of GDP). Widespread​ ransomware​ attacks on SMBs ​would have devastating economic consequences.
Ripple Effects: The failure of many SMBs⁣ would create significant ripple effects throughout the entire economy.

4. Maintaining US Cybersecurity Leadership:

Competitive Advantage: US cybersecurity companies are leaders​ because they have access⁢ to complete threat data (enabled by CISA 2015).
Global Model: Othre countries have modeled their cybersecurity information sharing systems after the US approach, recognizing its ⁢effectiveness. Allowing CISA 2015 to lapse would undermine this leadership position.

5. Call to Action:

Bipartisan Support: There ⁣is bipartisan agreement on the need to reauthorize⁢ CISA 2015.
Urgent Need: DHS Secretary Kristi noem has urged for immediate‌ reauthorization,‌ highlighting the strengthened public-private partnerships it fosters.

In essence, the article ​argues ⁢that reauthorizing CISA 2015 is not just a cybersecurity ⁤issue, but a matter ‌of public safety, economic stability, and national security.