Major trade groups for the retail and financial services industries have joined forces to fight hackers, announcing on Thursday a cybersecurity partnership intended to better protect consumers after the massive data breaches at Target Corp. and Neiman Marcus Group Ltd.
The 13-member coalition will encourage information sharing, new payment-card security tools, and collaboration on protections for payments made with mobile phones and other devices. The partnership includes the Retail Industry Leaders Association, Financial Services Roundtable, American Bankers Association, American Hotel & Lodging Association, Clearing House Association and Payments Co., Consumer Bankers Association, Food Marketing Institute, Independent Community Bankers of America, International Council of Shopping Centers, National Associations of Convenience Stores, National Grocers Association, National Restaurant Association and National Retail Federation.
“We are committed to working together to ensure customer personal and financial information is secure and protected,” said former Minnesota Gov. Tim Pawlenty (R), Financial Services Roundtable’s chief executive officer. “Exploring avenues for increased information sharing and collaborating on innovative technologies and safeguarding data will be critical in defending against common enemies.”
As part of the digital-security partnership, the trade associations will create working groups to discuss areas of agreement and disagreement in an effort to hash out their differences and find solutions. The working groups will focus on “increasing threat information sharing, innovative technologies that adds safeguards [sic] to protect consumers within the payment system and other areas like national data breach laws,” according to a news release.
Members of Congress last week questioned Target and Neiman Marcus executives about moving from magnetic-stripe debit and credit cards to cards containing smart-chip technology and creating a national standard for notifying customers of data breaches.
Target backs the chip technology, and plans to offer the system to its customers by next year, said John Mulligan, executive vice president and chief financial officer for the company. Neiman Marcus has no such plans at this time, said Michael Kingston, senior vice president and chief information officer for the retailer. But he agreed that the technology could help retailers better safeguard their customers’ personal information.
As for a national breach notification standard, Mulligan said he would support it over the existing balkanized regulatory framework. At present, 46 states and the District of Columbia, Guam, Puerto Rico and the Virgin Islands enforce differing standards for data breach notifications, according to the National Conference of State Legislatures.
Kingston said he didn’t have an opinion on the creation of a national standard. But he urged “flexibility.”
Despite their differences, Target and Neiman Marcus, which both belong to trade groups in the cybersecurity partnership, are committed to safeguarding their customers’ data, their executives said.
“Retailers place extraordinarily high priority on protecting customers’ personal information,” said Sandy Kennedy, president of the Retail Industry Leaders Association. “This partnership will improve collaboration across the payments ecosystem allowing us to work together to develop near- and long-term solutions that will enhance security for our customers.”