Fighting the Real Threat in Cybersecurity
Despite ongoing differences, there is one thing both retailers and the financial sector can agree on: Winter is coming. For cybersecurity, it may even already be here. The exponential increase of data breaches and the like has put every industry at heightened risk over the last few years, and continues to do so. Unlike the various warring Westerosi factions in Game of Thrones, however, who won’t even acknowledge the existence of White Walkers, both groups know that the most crucial goal is holding the door (*sniff*) against the rampaging horde trying to break through firewalls and pillage the systems within.
I suppose that’s an encouraging difference. Both sides have previously recognized the need for improving the nationwide patchwork of data breach notification laws, and now the debate is over details. Not that these are inconsequential details. Currently, financial institutions are supporting a bill that would set notification requirements modeled after their own, insisting that retailers be subject to the same regulations they themselves have followed for the last 15 years. Says Jason Kratovil, vice president of government affairs for payments at the Financial Services Roundtable, “it’s long overdue for Congress to pass legislation ensuring that everyone has a similar mandate to keep customer data safe.” Conversely, groups like the Retail Industry Leaders Association argue it doesn’t make sense to apply the same uniform standard from one industry to another, which might end up like trying to force a puzzle piece where it doesn’t belong.
It’s a valid point, and as long as the discussions go on and the specifics hashed out, I think it’s a step forward towards improving a situation where we have 47 different state laws on this issue. It’s clear that this isn’t an issue retailers will be able to forget any time soon, at any rate. Home Depot is only now disclosing the financial ramifications of its own 2014 data breach: a total of $263 million of pretax gross expenses related to the breach have been recorded, though insurance proceeds look to mitigate that somewhat. As I’ve said before, every industry is vulnerable to a cyber attack, and each must work to ensure they hold that door strong against invaders. Or, at least, figure out the best way to alert people that the cyber zombies have broken through.