White House cybersecurity announcement highlights need for action, says Nussle

February 11, 2015

WASHINGTON (2/12/15)--The White House Wednesday announced the creation of a new federal agency, the Cyber Threat Intelligence Integration Center, to analyze threats to the nation's cybersecurity and coordinate strategy to combat them. CUNA President/CEO Jim Nussle said the action highlights the need for strong action to enhance protections of Americans' personal financial data.

In September, CUNA sent a letter to President Barack Obama urging him to establish a new Cybersecurity Council. While CUNA generally supports containing federal government, CUNA maintains more focus is needed on cybersecurity at the national level on issues such as the role of merchants in securing consumers' personal financial data.  

Regarding the administration announcment, Nussle said, "Data breaches--no matter how they occur--are a huge and growing problem for the country and the president's announcement is a strong acknowledgement of the need for action in this area.

"Countless Americans have been affected by merchant data breaches. Until merchants are held to the same federal data protection and notification standard as financial institutions and until the costs of a data breach are ultimately borne by the entity that incurs the breach, there will be no end in sight.

"Merchants must be held accountable to stop American consumers' personal financial information from being compromised."

Credit unions and other financial institutions are bound under the Gramm-Leach-Bliley Act to adhere to strict federal data security standards, while merchants are not.  

CUNA maintains that merchants and financial institutions both play critical roles in the payments system and they should be held to similar standards with respect to protecting consumer data. The weak link in the system today, CUNA says, is on the merchant end.