Lawmakers and witnesses at a House Homeland Security Subcommittee hearing said reauthorizing the Cybersecurity Information Sharing Act of 2015 should be matched with sufficient resources and restored advisory forums to ensure the statute produces usable, timely threat intelligence.

Representative Magaziner told the panel that the Cybersecurity and Infrastructure Security Agency (CISA) “makes our country safer” but warned that planned budget cuts would undercut that mission: he said the administration’s fiscal 2026 proposal would cut “nearly half a billion dollars from CISA’s budget” and that reports showed plans to cut “over a thousand jobs.”

Witnesses said those staffing and funding concerns compound the effect of lost forums. Catherine Keane, CISO in residence at the National Technology Security Coalition, testified that the termination of the Critical Infrastructure Partnership Advisory Council (CPAC), the disbanding of the Cyber Safety Review Board and recent changes to the Cybersecurity Advisory Committee “have undermined public‑private cooperation in cybersecurity.” Keane and other panelists praised the Joint Cyber Defense Collaborative (JCDC) as a useful operational channel; Keane said JCDC “allows for rapid distribution when threat happens between industry and government.”

Why it matters: Committee members and witnesses described a chain: statutory protections under CISA 2015 enable private‑public sharing, but the value of shared indicators depends on CISA’s ability to receive, analyze and return actionable information and on advisory bodies that translate operational lessons across sectors. Several witnesses said without adequate staffing and functioning advisory mechanisms, information would be slower to reach smaller companies and local infrastructure operators that lack in‑house cybersecurity capacity.

Details and examples: Representative Magaziner and witnesses gave examples of harms to small and medium enterprises, such as an anecdote offered by a witness about a small concrete distributor that closed after a ransomware incident because the company lacked resources to recover. Witnesses urged Congress to codify or reestablish collaborative functions (for example, reviving CPAC or codifying a CPAC‑like advisory role) and to ensure CISA has the workforce and funding to run automated processes like Automated Indicator Sharing (AIS) and the Joint Cyber Defense Collaborative.

Subcommittee implications: Members signaled intent to press the administration and CISA on workforce and budgeting decisions while proceeding with reauthorization. Several said a clean reauthorization should not preclude parallel oversight to restore advisory councils and to confirm CISA has the staff and systems to operationalize information sharing.

Ending: Lawmakers and witnesses emphasized that statutory protections alone are insufficient: staffing, funding, and functioning advisory bodies are needed to make threat information timely and actionable for small and large organizations alike.