Retailer’s Applaud New Anti-cyber Attack Laws

National Retail Federation (NRF) President and CEO Matthew Shay says his industry hasn't always seen eye-to-eye with President Obama, but there's one subject where there's complete agreement – cyber-security and the need to protect sensitive consumer information like credit and debit card numbers.

“Last fall, the president signed an executive order requiring that credit cards issued to government workers be protected with both a computer microchip and a personal identification number rather than the chip-only cards being rolled out to consumers,” says Shay. The order will force banks to set up the infrastructure for both chip and PIN, making it easier for retailers to convince banks that consumers — not just government workers — need both forms of protection.”

Shay notes in a letter to his NRF constituents that the president called for a uniform national law on data breach notification that would replace 47 conflicting state laws and, if written properly, would apply to banks, card processors and all other entities that handle consumer data, not just retailers.

“Finally, Obama signed an order in February that directs the formation of Information Sharing and Analysts Organizations through which retail and other ‘non-critical' industries could share information about cyber threats. He also called for passage of federal legislation providing liability protection to businesses that participate,” says Shay.

The information-sharing groups would be similar to the Information Technology Security Council formed by NRF last year that currently disseminates cyber threat information among more than 150 retail companies. And the legislation is something NRF has sought for more than a year.

The announcements came at Stanford University earlier this spring during a White House cybersecurity summit Shay and NRF Vice President for Retail Technology Tom Litchford attended on behalf of the retail industry.

The day before the summit, NRF published an open letter to President Obama as a full-page ad in The Wall Street Journal, commending him on his commitment to the issue and suggesting steps to make the goal of stopping cyber crimes a reality.

“Cybersecurity is an issue that has been on the Washington agenda for a number of years now, with the urgency heightened in the past year by increasingly frequent cyber attacks on retailers, insurance companies, banks, government agencies and even the White House itself,” says Shay.

But it is also an issue that has been repeatedly derailed by the usual Washington politics, ranging from what congressional committee should have jurisdiction to what industry should be blamed. Shay says that in the meantime, the criminals grow bolder and more enterprising.

“That's why the attention that comes only when the powerful searchlight of the White House is focused on an issue is needed, and why these actions are so important,” he says.

SC
MR