A law allowing private companies to share information about cybersecurity threats with the government expired Wednesday after Congress failed to reauthorize the legislation amid a wider shutdown fight.

The Cybersecurity and Information Sharing Act (CISA) of 2015, which initially appeared poised to be extended as part of a temporary stopgap measure, lapsed as lawmakers failed to avert a shutdown — a pause that lawmakers and experts warn could restrict a key pipeline of threat intelligence.

“If we don't extend these critical authorities, we will lose one of our most effective defenses against cyberattacks, as our adversaries' attacks continue to grow more aggressive and more sophisticated,” Sen. Gary Peters (D-Mich.) warned Tuesday on the Senate floor.

What CISA does

CISA provided companies with various protections for sharing cyber information. It shielded them from legal liability for monitoring information systems and providing cyberthreat indicators to the federal government.

It also protected companies from antitrust lawsuits for exchanging information or providing assistance related to countering cyberthreats.

“This law has protected our economy, it has protected our infrastructure, and it has protected our government for more than a decade,” Peters added.

“It allows private companies and federal agencies to share real-time threat information before attacks spread, before systems are compromised and before damage becomes irreversible,” he continued.

Peters and Sen. Mike Rounds (R-S.D.)........

© The Hill