WASHINGTON (9/30/14, UPDATED 10:24 a.m. ET)--The Credit Union National Association is asking President Barack Obama to establish a Cybersecurity Council that would report to the president and would be charged with "developing a comprehensive and timely approach to the range of issues associated with cybersecurity attacks on businesses and consumers in this country."
CUNA's new leader, President/CEO Jim Nussle, writes, "We urge the administration to give this idea full consideration, coordinating with Congress, agencies that are already addressing aspects of cybersecurity including prudential regulators, and the private sector to establish it."
Nussle notes in his letter to Obama that most recent massive data breaches have taken place in systems operated by merchants, not financial institutions.
"One important problem with current law is that, even when fault in a data breach lies with a merchant, credit unions and financial institutions are assigned many of the financial costs.
"One job of the Cybersecurity Council should be to help align liability with responsibility for these breaches," Nussle writes, adding that such a system would give more incentives to all parties to "take cybersecurity seriously."
Nussle detailed another key credit union concern related to merchant data breaches: "When credit unions reissue compromised cards, under current rules they are not permitted to reveal the reason for the reissuance, leaving the impression among many credit union members that it was the credit union that allowed the data to be compromised."