US lawmakers propose amending cybersecurity bill to include crypto firms reporting potential threats – Vijay Gir

US lawmakers propose amending cybersecurity bill to include crypto firms reporting potential threats


United States Senators Marsha Blackburn and Cynthia Lummis have introduced proposed changes to a 2015 bill that would allow “voluntary information sharing of cyber threat indicators among cryptocurrency companies.”

According to a draft bill on amending the Cybersecurity Information Sharing Act of 2015, Blackburn and Lummis suggested U.S. lawmakers allow companies involved with distributed ledger technology or digital assets to report network damage, data breaches, ransomware attacks, and related cybersecurity threats to government officials for possible assistance. Should the bill be signed into law, agencies including the Financial Crimes Enforcement Network and the Cybersecurity and Infrastructure Security Agency would issue policies and procedures for crypto firms facing potential cybersecurity risks.

The original bill, which passed in the Senate in October 2015, essentially set up a framework for the U.S. government to coordinate cybersecurity reports from “private entities, nonfederal government agencies, state, tribal, and local governments, the public, and entities” and recommend possible methods to prevent and protect against attacks. Under the proposed amendment, the legislation would be renamed the Cryptocurrency Cybersecurity Information Sharing Act.

Blackburn reportedly told TechCrunch the amendments to the cybersecurity bill would provide a means for crypto firms to “report bad actors and protect cryptocurrency from dangerous practices,” given potential illegal uses. Lummis has also co-sponsored bills in the Senate aimed at providing regulatory clarity to the space by addressing the respective roles of the Securities and Exchange Commission and Commodity Futures Trading Commission over digital assets.

Related: Blockchain and cybersecurity awareness on the rise — PolySwarm CEO

The original cybersecurity bill stated it would be in effect for 10 years starting on the date of its enactment. As of October 2015, Congress reported the bill was held at the desk of the House of Representatives.