Doran Robinson previously worked for healthcare information technology vendor athenahealth.
In a new push to protect consumer data, the retailer trade group forms an information-sharing platform where retailers can both provide and access information about data breaches and cyber attacks.
Data breaches are a concern for retailers—both online and inside stores—and the National Retail Federation trade group wants the U.S. Congress to do something about it.
Tom Litchford, the trade group’s vice president for retail technologies, testified in April before the U.S. House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies.
His goal? Encourage the subcommittee to recommend passage of the Cyber Intelligence Sharing and Protection Act, which would allow for sharing of Internet traffic data between companies and the government.
Almost one in five U.S. Internet users report their data have been stolen as a result of online activities, according to the Pew Research Center. And high-profile data breaches—like the one at Target Corp. in 2013—have made data security a higher priority.
To combat data theft, the National Retail Federation announced last month the creation of an information-sharing platform that will allow retailers to access data about threats that have been identified by other retailers, government agencies and law enforcement officials. The program is being developed with the Financial Services Information Sharing and Analysis Center, which launched in 1999 with backing from the U.S. financial sector.
Cy Fenton, senior vice president of information technology at Books-A-Million Inc., No. 476 on the Internet Retailer Top 500 Guide, agrees that sharing information would help mitigate the damage of attacks. . “As an industry, it is critically important that we continue to work together and identify problems while providing solutions that prevent criminal hacking and the resulting data breaches,” he says.
The National Retail Federation also has come out in favor of a switch to more secure credit and debit cards, Litchford says. The NRF is in favor of a program already underway at U.S. banks and credit card issuers to replace the current process of swiping a magnetic stripe card and getting the shopper to sign with cards carrying computer chips that would require the consumer to enter a 4-digit security code at checkout. While primarily designed to prevent theft of card numbers at bricks-and-mortar stores, this added security would be important for e-retailers, too. Even though, as with the Target breach, the credit card numbers and expiration dates were stolen from in-store systems, could the card data may have been used to make fraudulent purchases on e-commerce sites.