I will give you an example. It'll be an artfully constructed one but I think one that will make the point.
All the banks in Canada use the same Internet providers for most of their network services. Whereas banks can see anything that happens within their infrastructure, they can't see what happens across infrastructure. That's visible at the level of the operator. Currently, if that operator were to turn to the banks and say he sees a vulnerability that is addressing all of them, chances are the banks would come back to the operator and ask why he didn't tell them 30 seconds ago when he knew about it, and therefore, they're going to hold him liable for their losses.
There is a perverse disincentive for the infrastructure operators to provide that information. I would argue that rewriting the current instruments of the Telecommunications Act to compel operators to share that information would, first of all, not expose them to liability and would, second, increase the usable information on the cybersecurity side that would be available to the downstream clients.