Newsroom

NAFCU President and CEO Dan Berger thanked President Barack Obama Tuesday for his new policy directive focused on cybersecurity but said more needs to be done, including implementation of national data security standards for merchants that handle consumers' personal information.

"NAFCU and our members welcome President Obama's continued focus on addressing cybersecurity threats," said Berger. "However, data security is also of critical importance, and much more needs to be done on this front. Retail data breaches continue to be popular among cybercriminals seeking to capture consumers' sensitive personal and financial information."

Obama's policy directive sets forth principles on the federal government's response to any cyber incident, whether it affects government or private sector entities. It establishes lead federal agencies and a guide for coordinating the broader federal government response to cyber incidents. Under this new directive, the Justice and Homeland Security Departments will also be required to maintain updated contact information for public use to help entities affected by cyber incidents report them to the proper authorities.

Regarding any cyber incidents that affect private entities, the directive notes that the federal government will typically not play a role but will remain "cognizant of the affected entity's response activities."

In February, NAFCU welcomed a cybersecurity action plan released by the White House that noted the importance of addressing the serious risk cyber threats pose to the nation's economy. NAFCU also continues to advocate for passage of the "Data Security Act of 2015" (H.R. 2205/S. 961), which would hold merchants to the same data security standards already in place for financial institutions.