The director of the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday that the agency would be “immediately” sharing incident reports from critical infrastructure organizations with the FBI.
The FBI and Department of Justice caused a minor furor on Thursday when both came out harshly against The Strengthening American Cybersecurity Act, landmark cybersecurity legislation that sailed through the Senate unanimously on Tuesday. The act forces critical infrastructure organizations to report cyberattacks to CISA within 72 hours and ransomware payments within 24 hours.
In statements to Politico, FBI Director Christopher Wray and Deputy Attorney General Lisa Monaco trashed the bipartisan bill because the FBI and DOJ are not included alongside CISA. Wray said it “would make the public less safe from cyber threats” and Monaco claimed the bill leaves the FBI “on the sidelines and makes us less safe at a time when we face unprecedented threats.”
The statements shocked officials on both sides of the aisle in the Senate and House, according to statements provided to Politico. The White House came out in support of the bill on Thursday evening but told CBS that it was “exploring all options, to ensure that the legislation enables all relevant Federal agencies to receive and process these incident reports as quickly as possible to carry out their cybersecurity missions.”
On Friday afternoon, CISA director Jen Easterly addressed the issue publicly, writing on Twitter that the agency would “immediately” share the incident reports with the FBI.