Articles 3 min read

Cybersecurity Alert: Expiration of Cyber Threat Sharing Law 

As of September 30, 2025, the Cybersecurity Information Sharing Act of 2015 (CISA) has expired without reauthorization. This cyber threat sharing law previously enabled and protected the voluntary sharing of cyber threat indicators between private entities and the federal government.

Key Implications for Organizations

The expiration introduces a complex web of legal and compliance challenges that companies must navigate carefully to avoid unintended exposure.

Final Note

This development introduces legal and operational uncertainty at a time of heightened cyber risk. Organizations should take a proactive stance to mitigate exposure and maintain resilience.