Cybersecurity in congressional coma

After failing to pass the Cybersecurity Information Sharing Act prior to its August recess, the U.S. Senate has postponed action on the bill—which some saw as urgent and others thought was being rushed—until September.

The bill addresses cybersecurity threats by streamlining information sharing between companies, and between the government and the private sector, which has drawn objections from privacy advocates, The Washington Post reported.

Majority Leader Sen. Mitch McConnell, R-Ky., and Minority Leader Sen. Harry Reid, D-Nev., plan to combine consideration of the CISA bill into legislation regarding the debate on the Iran nuclear agreement, with additional debate about cybersecurity to follow, according to the Washington Examiner.

The massive data breach of the federal government's Office of Personnel Management, which compromised the personal data of 22 million people, has made the bill a priority with Senate leadership.

"That story should worry every one of us, Democrats and Republicans alike," McConnell said. "While that massive breach may have been one of the worst, it certainly, unless the administration can be rescued from the cybersecurity dark ages, won't be the last."

Related to cybersecurity, a number of consumer advocate groups and national nonprofits are calling on the government to make chip-and-PIN credit and debit card acceptance the law in this country.

"We feel Congress must urge the nation's largest credit card issuers—particularly the big banks and credit unions—to do everything they can to provide the best possible safeguards to protect consumers and their financial transactions," according to a letter to Congress that was also sent to the White House, the Federal Reserve and the Consumer Financial Protection Bureau. The letter was signed by ProtectMyData, the Multicultural Media, Telecom and Internet Council, the Hispanic Technology and Telecommunications Partnership and DiverseTech.

"Our hope is that by raising awareness through op-eds, radio and TV appearances, events and letters to Congress, policymakers will begin to put pressure on financial institutions to upgrade their payment card technology," Debra Berlyn, leader of ProtectMyData, told FierceRetailIT.

"Congressional recognition of the benefits of chip-and-PIN brings us one step closer to institutionalizing the system once and for all," she said. As retailers and merchants begin upgrading their payment terminals to accept these changes, it is now up to banks and card issuers to manufacture and distribute cards outfitted with both chip-and-PIN.

"Given staggering evidence from the Federal Reserve about the benefits of chip-and-PIN, and from its success abroad, banks are doing a disservice to their customers by cutting corners and issuing chip-and-signature cards, which is merely a half-measure. We are urging Congress to continue this dialog and to encourage the private sector to make the necessary changes to our payment technology," Berlyn said.

Evidence of chip-and-PIN's benefits were highlighted in President Obama's executive order last October that required chip-and-PIN technology for government-issued credit cards and an upgrade of point-of-sale terminals at federal buildings, she said.

Shortly after, Sen. Mark Warner, D-Va., wrote a letter to federal regulators asking why the United States continues to use chip-and-signature, despite overwhelming evidence of chip-and-PIN success abroad. Also, during a Senate subcommittee hearing in February, Sen. Amy Klobuchar, D-Minn., brought up the importance of chip-and-PIN technology and its superior protection system in today's payment card market.

But since then, "the dialog appears to have fallen on deaf ears," Berlyn said. "Chip-and-PIN technology provides the most reliable safeguards to prevent fraudulent activity during point-of-sale and in-store transactions."

For more:
-See this article in The Washington Post
-See this Washington Examiner article
-See this ProtectMyData press release

Related stories:
Target opens cybersecurity center to fight online threats
Apple CEO blasts tech companies, feds in defense of privacy
Independent grocers urged to embrace cybersecurity
Retailers, banks spar over chip-and-PIN cards
Where have all the hackers gone?