Dive Brief:
- Amid rising threats to operational systems and a chaotic geopolitical environment, electric utilities want Congress to cleanly reauthorize the Cybersecurity Information Sharing Act of 2015, which allows for greater information sharing between the power sector and federal government.
- The law lapsed October 1. A temporary extension was included in the government funding bill, which failed and resulted in the current shutdown. A bipartisan Senate bill could bring CISA’s protections back into force.
It is vital that utilities are able to share threat information as the risks are rising, said Kristine Martz, a principal product advisor at cybersecurity firm Dragos. “Adversaries are becoming aware of the impact that they can achieve against easy-to-access industrial control systems,” or ICS, she said Friday at a conference hosted by Columbia University’s School of International and Public Affairs.
Dive Insight:
“We’ve seen a consistent rise in threat activity over the years,” Martz said, noting new threat adversaries are focused on operational technology and ICS environments where they can impact the delivery of services.
“They get in through these internet-facing devices and just live off the land for a long time to perform reconnaissance, pulling down things like your GIS data, your network maps,” Martz said. “Living off the land” refers to cyber intruders using the legitimate tools already present on a network, rather than introducing their own malware, to conceal their presence and gather information.
While utility regulations like the North American Electric Reliability Corp.’s Critical Infrastructure Protection standards have helped create a baseline of security and shored up obvious weaknesses, Dragos has identified new threat groups developing operational technology and ICS-specific malware that takes advantage of the extensive knowledge of utility work environments that hackers can gain from their reconnaissance, Martz said.
Given the threat, and in an environment of rapidly growing electricity demand, it is vital that electric utilities are able to share information with government partners without fear of penalty, experts say.
The Edison Electric Institute, which represents investor-owned utilities, the Interstate Natural Gas Association of America, American Public Power Association, American Gas Association, National Electrical Manufacturers Association and the Electric Power Supply Association signed a letter in September urging a “clean” CISA 2015 reauthorization. The letter was led by the U.S. Chamber of Commerce and included a wide range of organizations.
The law’s lapse means the U.S. will face a “more complex and dangerous security environment,” the groups said. CISA “provides safeguards for businesses regarding public disclosure, regulatory issues, and antitrust concerns to facilitate the timely exchange of information between the public and private sectors. Industry and government have a strong history of protecting privacy and civil liberties under this law,” the groups said.
Reauthorizing the law will “ensure that businesses have legal certainty and protection against frivolous lawsuits when voluntarily sharing and receiving threat indicators and taking steps to mitigate cyberattacks,” the groups said.
Congress failed to reauthorize the program despite broad support among Trump administration officials, lawmakers, industry leaders and cybersecurity experts. Senate Homeland Security Committee Chair Rand Paul, R-Ky., blocked efforts to save the program as he sought new restrictions on the law’s efforts to combat online mis- and disinformation.
Bipartisan legislation introduced by Sens. Gary Peters, D-Mich., and Mike Rounds, R-S.D., would renew CISA for 10 years and would be retroactive to cover the lapse since the government shutdown began.
“Threat intelligence sharing between the private and public sector is vital in protecting critical infrastructure from cyberattacks,” Dragos CEO Rob Lee said in a statement supporting the bill. “This critical cyber information sharing authority has given private entities the guardrails, and the confidence needed for responsible cooperation with the federal government. Those authorities must be renewed.”
Kate Mabbett, director of security strategy and financial planning for American Electric Power, said during the Columbia panel that the reauthorization of CISA is a top security policy priority right now for the utility sector.
“I need to know I’m not going to be punished for sharing something that can better protect the nation,” Mabbett said. “There needs to be trust both ways — that I can share sensitive information about how I’m operating, and that the government is going to help protect that.”