Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management


Point of View: Congress Ironically Hacks CISA into "Must Pass" Omnibus Spending Bill -- Destroys Privacy

The most recent omnibus spending bill now includes the Cybersecurity Information Sharing Act of 2015.  This bill provides broad protection to companies that share loosely defined "cybersecurity" information with government, even disallowing FOIA requests attempting to learn how much information was shared. 

Whether or not you agree with CISA, it’s easy to dislike the process that is being used to shove this bill into law.  The lack of scrutiny and guerrilla tactics create the appearance that this is just a thinly veiled effort to restore warrantless government surveillance over all forms of communication, including the Internet and social media. They’re using “cybersecurity” threat as a way to scare people into approving new huge programs to monitor communications. And it’s not likely to stop here.  Officials are already complaining that encryption prevents government access to communications, and therefore companies should include a backdoor for government access.

“It’s clear now that this bill was never intended to prevent cyber attacks,” said Evan Greer, campaign director of Fight for the Future, in a statement. “It’s a disingenuous attempt to quietly expand the U.S. government’s surveillance programs, and it will inevitably lead to law enforcement agencies using the data they collect from companies through this program to investigate, prosecute, and incarcerate more people, deepening injustices in our society while failing to improve security.”

None of this is good for cybersecurity. And none of it will help with terrorism. All it will do is destroy privacy and build an expensive and powerful surveillance empire.

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast. Previously, Jeff was co-founder and CEO of Aspect Security, a successful and innovative application security consulting company acquired by Ernst & Young. Jeff is also a founder and major contributor to OWASP, where he served as the Chair of the OWASP Board for 8 years.