The expiration of the Cybersecurity Information Sharing Act (CISA 2015) has left ReversingLabs, a cybersecurity firm heavily reliant on the law’s Automated Indicator Sharing Program (AIS), vulnerable to legal liabilities when exchanging cyber threat intelligence. The lapse, driven by Congressional inaction during a government funding standoff, eliminates critical legal protections that previously encouraged voluntary threat data sharing among companies. Without these safeguards, ReversingLabs faces operational disruptions in maintaining its threat repositories, increasing exposure to software supply chain vulnerabilities and AI-enabled attacks. The company’s Chief Trust Officer, Saša Zdjelar, warned that the lapse creates a ‘chilling effect’ on threat intelligence collaboration, forcing firms to withhold data due to litigation risks. This weakens collective cyber defenses, granting adversaries a strategic advantage. Zdjelar also highlighted risks to AI security development, as legal uncertainty may restrict data sharing essential for training AI-powered defense tools. The broader impact includes escalating costs of data breaches, already the highest globally in the U.S., and potential long-term erosion of trust in cybersecurity partnerships, leaving critical infrastructure and enterprises more susceptible to sophisticated cyber threats.
Source: https://www.infosecurity-magazine.com/news/expired-cisa-2015-us-intelligence/
TPRM report: https://www.rankiteo.com/company/reversinglabs
"id": "rev3232932100225",
"linkid": "reversinglabs",
"type": "Cyber Attack",
"date": "6/2015",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"
{'affected_entities': [{'industry': 'Cybersecurity',
'location': 'United States',
'name': 'ReversingLabs',
'type': 'Private Company'},
{'industry': 'Incident Response',
'location': 'United States',
'name': 'BreachRx',
'type': 'Private Company'},
{'customers_affected': 'All participating companies in '
'the AIS program',
'industry': 'Cybersecurity',
'location': 'United States',
'name': 'US Government (CISA Automated Indicator '
'Sharing Program)',
'type': 'Government Agency'},
{'industry': 'Multiple (e.g., Finance, Healthcare, '
'Technology, Critical Infrastructure)',
'location': 'United States',
'name': 'US Companies Participating in AIS',
'type': ['Private Companies',
'Public Companies',
'Government Contractors']}],
'date_detected': '2025-09-30',
'date_publicly_disclosed': '2025-09-30',
'description': 'The 2015 Cybersecurity Information Sharing Act (CISA 2015), '
'which shielded companies from legal liability when sharing '
'cyber threat intelligence through the Automated Indicator '
'Sharing Program (AIS), expired on September 30, 2025, due to '
"Congress's failure to extend it amid a government funding "
'standoff. This lapse leaves companies vulnerable to lawsuits '
'and weakens a critical defense mechanism against '
'cyber-attacks. Industry leaders, including ReversingLabs and '
'BreachRx, have warned of severe consequences, such as reduced '
'threat intelligence sharing, increased software supply chain '
'risks, and a chilling effect on AI security development. The '
'expiration is expected to exacerbate the already high costs '
'of data breaches in the US, potentially doubling their scale '
'and financial impact within a year.',
'impact': {'brand_reputation_impact': ['Erosion of trust in US cyber defenses',
'Perception of political dysfunction '
'undermining cybersecurity'],
'financial_loss': 'Potential doubling of data breach costs in the '
'US (per IBM 2025 Cost of a Data Breach Report)',
'legal_liabilities': ['Companies exposed to lawsuits for sharing '
'cyber threat intelligence',
'Increased regulatory fines due to reduced '
'compliance support'],
'operational_impact': ['Reduced threat intelligence sharing',
'Increased software supply chain '
'vulnerabilities',
'Chilling effect on AI security development',
'Creation of blind spots in cyber defense']},
'investigation_status': 'Ongoing (political and industry response)',
'lessons_learned': ['Political dysfunction can directly undermine '
'cybersecurity defenses, creating systemic '
'vulnerabilities.',
'Legal protections are critical for fostering '
'collaboration in threat intelligence sharing.',
'The expiration of key cybersecurity laws can have '
'cascading effects, including increased costs, '
'operational blind spots, and hindered innovation (e.g., '
'AI security).',
'Industry reliance on government-backed programs like AIS '
'requires contingency planning for regulatory failures.'],
'post_incident_analysis': {'corrective_actions': ['Legislative: Fast-track '
'reinstatement of CISA 2015 '
'or a successor law with '
'bipartisan support.',
'Industry: Establish '
'private-sector '
'alternatives for threat '
'sharing with legal '
'protections.',
'Regulatory: CISA to issue '
'temporary guidance or safe '
'harbor provisions to '
'mitigate immediate risks.',
'Technical: Accelerate '
'adoption of automated '
'threat intelligence '
'platforms to reduce '
'reliance on manual '
'sharing.'],
'root_causes': ['Congressional failure to pass a '
'funding bill due to political '
'standoffs.',
'Lack of contingency planning for '
'the expiration of critical '
'cybersecurity legislation.',
"Underestimation of the law's role "
'in enabling collective cyber '
'defense.']},
'recommendations': ['Congress should prioritize the reinstatement of CISA '
'2015 or equivalent legal protections to restore threat '
'intelligence sharing.',
'Companies should explore alternative legal frameworks or '
'industry-led initiatives to mitigate risks from the '
'lapse.',
'Investment in private-sector threat intelligence '
'platforms to compensate for reduced government-backed '
'sharing.',
'Enhanced lobbying efforts by cybersecurity firms to '
'educate lawmakers on the national security implications '
'of such lapses.',
'Development of AI security tools with built-in legal '
'safeguards to encourage continued innovation despite '
'regulatory uncertainty.'],
'references': [{'date_accessed': '2025-09-30',
'source': 'ReversingLabs Statement on CISA 2015 Lapse'},
{'date_accessed': '2025-09-30',
'source': 'BreachRx CEO Andy Lunsford Interview'},
{'source': 'IBM 2025 Cost of a Data Breach Report'},
{'source': 'Cybersecurity Information Sharing Act (CISA 2015) '
'Overview'}],
'regulatory_compliance': {'legal_actions': ['Potential lawsuits against '
'companies sharing threat '
'intelligence post-expiration']},
'response': {'communication_strategy': ['Public statements by ReversingLabs '
'and BreachRx warning of consequences',
'Media coverage highlighting risks of '
'the lapse'],
'remediation_measures': ['Advocacy for congressional action to '
'reinstate CISA 2015',
'Industry calls for alternative legal '
'protections for threat sharing']},
'stakeholder_advisories': ['Cybersecurity firms (e.g., ReversingLabs, '
"BreachRx) have issued warnings about the lapse's "
'impact.',
'Industry associations (e.g., Cyber Threat '
'Alliance) likely to release guidance for members.',
'CISA may provide interim recommendations for '
'companies previously relying on AIS.'],
'title': 'Expiration of the Cybersecurity Information Sharing Act (CISA 2015) '
'and Its Impact on US Cyber Defenses',
'type': ['Policy/Regulatory Failure', 'Legal/Compliance Risk']}