US Congress moves to restore CISA 2015, closing cybersecurity gaps for critical infrastructure - Industrial Cyber

Attacks and Vulnerabilities Control device security Critical infrastructure Industrial Cyber Attacks Malware, Phishing & Ransomware News Threat Landscape US Congress moves to restore CISA 2015, closing cybersecurity gaps for critical infrastructure November 12, 2025 U.S. lawmakers included the extension of a key cyberthreat sharing law and cyber grant program in the continuing resolution to reopen the federal government. The lapse of these initiatives left a significant gap in corporate and government collaboration on cyber threats, raising concerns for critical infrastructure installations, including energy grids, water systems, and transportation networks, which rely on timely threat intelligence to prevent disruption or damage. Restoring the law is seen as essential to closing this vulnerability and strengthening protections for vital national systems as federal operations resume. The Senate advanced a continuing resolution in a 60-40 vote to end the six-week shutdown, which includes short-term reauthorizations for the Cybersecurity Information Sharing Act of 2015, State and Local Cybersecurity Grant Program (SLCGP) run by CISA, and the Federal Emergency Management Agency. CISA 2015, which expired on Oct. 1, the same day the shutdown began, provides legal protections for companies sharing real-time cybersecurity information through the Department of Homeland Security. Its lapse has left a gap in corporate cybersecurity collaboration that Congress now aims to close as part of restoring federal operations. The CISA 2015 will go back into effect through Jan. 30, 2026, once again providing liability shields, antitrust protections, and Freedom of Information Act exemptions for firms sharing cyberthreat indicators with federal agencies.  The Senate’s move also allocates $85 million for the Office of the Chief Information Officer, with at least $60 million earmarked specifically for the department’s cybersecurity needs. The bill also identified that the head of any federal entity that assists the House of Representatives in the House’s efforts to deter, prevent, mitigate, or remediate cybersecurity risks to, and incidents involving. These information systems of the House shall take necessary steps to ensure the constitutional integrity of the separate branches of the government at all stages of assisting, including applying minimization procedures to limit the spread or sharing of privileged House and Member information. The bill also provides $74.75 million for salaries and expenses necessary for the operation of the Congressional Budget Office, including not more than $6,000 for certification of the CBO director related to official representation and reception expenses, of which at least $7.1 million is designated for cybersecurity-related costs. It also specified that the CBO director shall use not less than $500,000 of the funds to enhance technical systems, processes, and models to improve transparency of budgetary effect estimates for Members of Congress, their staff, and the public, and expand access to models, economic assumptions, and data for Members of Congress, their staff, and the public. The bill further provides that $2.75 million of the funds allocated for cybersecurity-related expenses shall remain available until Sept. 30, 2027. Experts hope the extension allows lawmakers time to finalize long-term reauthorizations of both of these important cybersecurity programs. “Extending the Cybersecurity Information Sharing Act of 2015 (CISA 2015) and the State and Local Cybersecurity Grant Program (SLCGP) through January 2026 buys time for Congress to finalize long-term reauthorizations of both of these important cybersecurity programs,” Jiwon Ma, a senior policy analyst at FDD’s Center on Cyber and Technology Innovation, wrote in an emailed statement. “Congress now has less than 90 days to decide whether to restore long-term stability to CISA 2015 and SLCGP or continue the cycle of short-term patches that weaken our cyber defenses.” Ma added that, “The extension should be treated as an opportunity to modernize both programs – and there is pending legislation in the House to do just that.” Moreover, Ma listed that  “Congress can strengthen CISA 2015 by updating liability protections, clarifying data handling standards, and expanding participation from small and rural critical infrastructure owners and operators that too often remain outside formal information sharing networks.” Michael Centrella, head of public policy at SecurityScorecard and a former assistant director at the U.S. Secret Service, wrote that reauthorization should go beyond simply restoring the past. It should establish a modernized framework that enables real-time, automated data exchange between trusted partners across sectors and incentivizes responsible sharing through updated liability protections and privacy standards.  It must also integrate AI-driven analytics to surface and contextualize threats faster than human analysts can react, and expand international cooperation so allies and partners can jointly defend the global digital economy. Anna Ribeiro Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT. Related NIST expands CSF 2.0 toolkit with quick-start guides aligning cyber risk, risk management, workforce strategy PwC Annual Threat Dynamics 2026 discloses that identity attacks surge as AI reshapes cyber threat landscape Forescout achieves FedRAMP high ATO, strengthens security for converged IT, OT and IoT networks Darktrace introduces Adaptive Human Defense to personalize security training and protection across organizations NetRise Provenance launched to expose open source contributor risk, map impact across software supply chains ISA opens call for ISA113 committee to tackle industrial workflow interoperability challenges across industrial systems Forescout 2026 Riskiest Connected Devices report warns of rising OT, ICS risk as network infrastructure becomes prime target Resecurity warns that Iran war enters multi-domain phase as cyber and kinetic operations converge M-Trends 2026 reveals threat landscape shaped by faster, coordinated, and industrialized cyberattacks AppGate launches OT ZTNA solution to secure industrial control systems and critical infrastructure