In Wake of Target, Retailers to Build Cyber-Security Info Exchange

Announcement Comes a Week After FTC Chair Hinted at Move in That Direction

By Published on .

Credit: Patrick T. Fallon/Bloomberg

Last week, Federal Trade Commission Chairman Edith Ramirez said the agency is "actively exploring" creation of an information exchange to assist retailers in enhancing data security and preparing for new types of data breach attacks.

It looks like industry might beat the FTC to the punch. The National Retail Federation said today it will craft a cyber-security information exchange in conjunction with the Financial Services Information Sharing and Analysis Center, a financial industry organization.

"I think there's a general consensus among policy makers and also among retailers that better information sharing would be a good idea," said David French, senior VP-government relations for NRF.

The project is a direct result of the Target data breach and an increase in security holes, he said. In the weeks following the Target breach, a lot of information to assist other retailers in preventing similar situations was prepared and shared, he said, but "not all of it was easy to disseminate to the entire retail community."

The Information Sharing Analysis Center -- or ISAC -- is intended to remedy that. The trade group is working on a timeline for the project which should be determined by June. The exchange would be accessible by designated cyber-security professionals and would distribute information gleaned from law enforcement, retailers, financial services firms and payment facilitators, according to Mr. French.

"Our members have indicated a desire to part in this kind of sharing process," he continued.

Alluding to sixteen other ISACs, Senators Mark Warner, D-Va., and Mark Kirk, R-Ill., in February called on the FTC to develop an exchange for security information among retailers.

The trade group said The Chertoff Group, a security services firm founded by former U.S. Homeland Security chief Michael Chertoff, will advise them in the security effort.

Even the U.S. Secret Service has taken an interest in safeguarding retail data. According to an NRF press announcement, NRF reps "held in-depth discussions with the United States Secret Service and other law-enforcement agencies for insight and guidance on how to improve communication, identify available resources and collaborate more effectively to help retailers combat criminal cyber activity."

Most Popular