The Cybersecurity Information Sharing Act of 2015 (CISA) is a United States federal law designed to "improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes". The law allows the sharing of Internet traffic information between the U.S. government and technology and manufacturing companies. Opponents question CISA's value, believing it will move responsibility from private businesses to the government, thereby increasing vulnerability of personal private information, as well as dispersing personal private information across seven government agencies, including the NSA and local police.

The text of the bill was incorporated by amendment into a consolidated spending bill in the U.S. House on December 15, 2015, which was signed into law by President Barack Obama on December 18, 2015.

The Cybersecurity Information Sharing Act was introduced on July 10, 2014, during the 113th Congress, passed the Senate Intelligence Committee by a vote of 12–3. The bill did not reach a full senate vote before the end of the congressional session.

The bill was reintroduced for the 114th Congress on March 12, 2015, and the bill passed the Senate Intelligence Committee by a vote of 14–1. Senate Majority Leader Mitch McConnell (R-KY) attempted to attach the bill as an amendment to the annual National Defense Authorization Act, but was blocked 56–40, not reaching the necessary 60 votes to include the amendment. Mitch McConnell hoped to bring the bill to senate-wide vote during the week of August 3–7, but was unable to take up the bill before the summer recess. The Senate tentatively agreed to limit debate to 21 particular amendments and a manager's amendment, but did not set time limits on debate. In October 2015, the US Senate took the bill back up following legislation concerning sanctuary cities. It passed in the Senate on October 27, 2015.

The text of the bill was incorporated by amendment into a consolidated spending bill in the U.S. House on December 15, 2015, which was signed into law by President Barack Obama on December 18, 2015.

The main provisions of the bill make it easier for companies to share personal information with the government, especially in cases of cyber security threats. Without requiring such information sharing, the bill creates a system for federal agencies to receive threat information from private companies.

With respect to privacy, the bill includes provisions for preventing the sharing of personal data that is irrelevant to cyber security. Any personal information that does not get removed during the sharing procedure can be used in a variety of ways. These shared cyber threat indicators can be used to prosecute cyber crimes, but may also be used as evidence for crimes involving physical force.

Sharing National Intelligence threat data among public and private partners is a hard problem, and one that many care about. The National Intelligence Threat Sharing (NITS) project is intended as an innovative solution to this hard problem. Altogether NITS is both innovative and useful. But first, to ensure that NITS is trustworthy, private partners must be indemnified. Indemnification takes an act of Congress, literally.