Some Thoughts on the Cybersecurity Information Sharing Act