Last month, tucked into a 2,000-page spending bill, the Cybersecurity Information Sharing Act of 2015 (CISA) was enacted into law. Years in the making, CISA is intended to incentivize organizations to share cyber threat indicators with the federal government and to promote the dissemination of this information to organizations facing similar threats. The spending bill included a number of other cybersecurity provisions covering topics ranging from federal preparedness to foreign policy strategy. Most notably, the bill directs the Department of Health and Human Services to develop cybersecurity best practices for organizations in the healthcare industry. The bill also directs federal agencies to create new plans to fortify federal information systems and identify cyber-related gaps in the federal workforce.