Trump admin will push for ‘long-term’ reauthorization of key cyber data-sharing law
National Cyber Director Sean Cairncross speaks on stage during Semafor World Economy 2026 on April 15, 2026 in Washington, DC. Tasos Katopodis/Getty Images for Semafor World Economy
The Cybersecurity Information Sharing Act got a temporary revival as part of a funding package last year, but it will expire again in September unless renewed.
The White House is pressing Congress to extend a key cybersecurity authority that is poised to expire later this year unless renewed, a top official said Thursday.
The Cybersecurity Information Sharing Act of 2015 temporarily expired during the 43-day government shutdown that occurred late last year, but lawmakers ultimately extended it as part of the stopgap funding bill that ended that lapse. The government funding package signed into law in early February included a provision that prolonged the statute through September 2026.
Speaking at the Special Competitive Studies Project’s AI+ Expo event in Washington, D.C., National Cyber Director Sean Cairncross said the Trump administration is “pushing for a long-term reauthorization” of the law.
“I expect that, on the Hill, the right thing will be done over the course of time, and we will get there,” Cairncross said.
The measure allows private sector firms to freely transmit threat intelligence to federal partners with key legal exemptions in place. Legal carve-outs were made a core feature of the original 2015 law because cyber threat information often contains sensitive data on victims and companies. To help the U.S. trace nation-state cyber intruders and criminal hackers, those datasets often need to be shared with government cybersecurity and intelligence analysts.
The White House’s national cybersecurity strategy, which was released in March, called for enhancing communication between the public and private sectors to deter cyber threats. The same document also said the Trump administration was pursuing more offensive cyber operations against bad actors, including moving to “unleash the private sector by creating incentives to identify and disrupt adversary networks and scale our national capabilities.”
Cairncross said part of that overall effort includes “working on new ways to share information between the private sector and the [U.S. government] that’s actionable, that's fast and in both directions” — including through the Cybersecurity and Information Sharing Act of 2015.
The national cyber director has previously pushed for a clean extension of the law, but his comments show the Trump administration is vying to prevent its lapse for a significant time period.
In the early 2010s, legislative efforts to establish a cyber threat information-sharing framework faced major hurdles amid public skepticism over government privacy abuses following Edward Snowden’s 2013 global surveillance disclosures.
The view shifted after the Office of Personnel Management suffered a massive data breach in 2015, compromising the personal information of over 21 million current and former federal employees, which galvanized support for the law as it stands today.