WASHINGTON (8/6/13)--The Credit Union National Association brought credit union cybersecurity concerns directly to the U.S. Treasury during a recent Financial Services Sector Coordinating Council for Critical Infrastructure meeting in Washington.
At the meeting, U.S. Treasury Assistant Secretary for Financial Institutions Cyrus Amir-Mokri and other senior government and financial services officials discussed efforts to facilitate the coordination on cybersecurity developments.
As detailed in this week's edition of the CUNA Regulatory Advocacy Report, CUNA has repeatedly emphasized that credit unions are already subject to robust data security requirements and standards, and should not be subject to additional regulations.
Additional coordination on cybersecurity would be helpful, CUNA has said.
CUNA continues to be engaged on cybersecurity issues, by working with the credit union system, FSSCC, regulators, BITS, and other entities. CUNA is also monitoring developments with the National Institute of Standards and Technology (NIST) framework.
On July 1, NIST released a discussion draft outline on a "Framework to Reduce Cyber Risks to Critical Infrastructure." CUNA is encouraged that the draft framework is "being developed through a private-public partnership" and is designed to be an "adaptable, flexible, and scalable tool for voluntary use" to "complement rather than to conflict with current regulatory authorities," Deputy General Counsel Mary Dunn wrote.
NIST plans to issue a proposed cyber framework this October for notice and comment, and to finalize the framework by February 2014.
Incentives to support adoption of this voluntary framework are being considered by the White House. Potential incentives include expedited government technical assistance, reduced tort liability, limited indemnity, lower burdens of proof, or the creation of a federal legal privilege that preempts State disclosure requirements in some cases, and public recognition for cybersecurity program participants.