Basically it allows companies to provide the federal government with data concerning "cybersecurity threats" without liability. But of course, the bill is extremely vague, so ANYTHING can be a potential cybersecurity threat.

"The bill proposes no actual strengthening of the internet's infrastructure - it just makes it easier for the government to pull information on what's happening.
Skilled technologists will have no issue maintaining their anonymity through VPNs, proxies, and encryption. The bill's proposed enforcement has little to do with what a professional would describe as cybersecurity.
If the bill were completely re-written such that it defines cybersecurity properly and such that its enforcement is in line with good cybersecurity practices, it might be a good bill. But CISPA is not that bill."

Just passed in The House, hopefully Senate won't follow suit.