Browse Definitions:

Cyber Intelligence Sharing and Protection Act of 2011 (CISPA)

Contributor(s): Stan Gibilisco

The Cyber Intelligence Sharing and Protection Act (CISPA) of 2011 is a proposed United States federal law that would allow for the sharing of Web data between the government and technology companies. Authors of the bill state that it will help the government to contend with cyberterrorism and cyberwarfare.

CISPA has garnered favor from large corporations including Symantec, Microsoft and Facebook, as well as from various government agencies, all of whom share concerns about international cybersecurity. Some people (proponents and critics alike) interpret CISPA as a second attempt at strengthening digital piracy laws after the failure of SOPA and PIPA (the Stop Online Piracy Act and the Protect IP Act). 

CISPA has been criticized by the Electronic Frontier Foundation and the American Civil Liberties Union as a threat to personal and business communications privacy. Some critics argue that a lack of clarity in the bill could lead to unjustified shutting-down of Web sites or massive eavesdropping on private communications.

CISPA was introduced on November 30, 2011 by U.S. Representative Michael Rogers (R-MI) as H.R. 3523 and was passed in the House of Representatives on April 26, 2012. The bill is in effect an amendment to the National Security Act of 1947, which contains no provisions pertaining to cybercrime.

This was last updated in June 2012

Continue Reading About Cyber Intelligence Sharing and Protection Act of 2011 (CISPA)

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.


File Extensions and File Formats


  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if ...


  • federated identity management (FIM)

    Federated identity management (FIM) is an arrangement that can be made among multiple enterprises to let subscribers use the same...

  • cross-site scripting (XSS)

    Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, ...

  • firewall

    In computing, a firewall is software or firmware that enforces a set of rules about what data packets will be allowed to enter or...



  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...


  • volume manager

    A volume manager is software within an operating system (OS) that controls capacity allocation for storage arrays.

  • external storage device

    An external storage device, also referred to as auxiliary storage and secondary storage, is a device that contains all the ...

  • NetApp SolidFire

    NetApp SolidFire is a business division of NetApp Inc. that specializes in all-flash storage systems.


  • hybrid hard disk drive (HDD)

    A hybrid hard disk drive is an electromechanical spinning hard disk that contains some amount of NAND Flash memory.