National response to criminal cyber-attacks?

In the aftermath of several large US retailers being targeted by data theft, the National Retail Federation urges Congress to act and enforce a national response to criminal cyber-attacks. Today, the data breach notification laws vary between 46 states and the District of Columbia, and a nationwide standard would aid in managing data breaches.


The Senate committee for Commerce, Science, and Transportation agrees. They recently introduced the Data Security and Breach Notification Act, and if passed it will require the Federal Trade Commission to issue security standards for companies holding consumers’ information. The FTC rules would include security protocols to protect information, requirements for breach notifications, and systems to make consumer electronic data unreadable in the case of a breach.


The list of wanted improvements from the National Retail Federation also holds more resources for law enforcement agencies, and approval of the Cyber Intelligence Sharing and Protection Act to make it easier for the commercial sector to share information about cyber threats. The act has been proposed since 2011, and would allow for sharing Internet traffic information between the US government and technology and manufacturing companies.


The NRF hopes the act would lead to a simple and effective means of sharing important cyber threat information. Opponents to the bill fear it contains too few limits on how and when the government may monitor a private individual’s Internet browsing information.


In addition to approaching Congress, the NRF urges banks and card companies to improve on today’s fraud prone system. As long as card data is clearly written for everyone to see and duplicated on a magnetic stripe on the back of the card, stealing the information is fairly easy. In some areas of Europe, the card industry has moved to a micro-chip embedded in the card combined with a secret number that replaces the written signature. Chip systems in the US remain open to fraud by allowing the use of a signature.


The NRF is the world’s largest retail trade association, and they represent merchants from over 45 countries.


For more information:


Cyber Intelligence Sharing and Protection Act


Retailers Commit to Collaborative Approach to Reduce Fraud


Yet Another Data Breach Bill Introduced