The Electronic Transactions Association played a vital role in getting the Cybersecurity Information Sharing Act (CISA) included in the omnibus spending bill, which was just signed into law. The legislation expands the sharing of cyber threat information between private firms and the Department of Homeland Security (DHS) without intruding on consumer privacy.
(Los Angeles, CA) February 8, 2016—While it might not be commonly known, the U.S. government, its citizens and its businesses are all under continuous cyber attack by foreign entities, criminal organizations and hacker groups seeking intellectual property, control of bank accounts, and personal information. High-profile breaches such as at Sony Pictures, Target, the State Department and the White House are just the latest examples. (1)
Cleveland Brown, CEO of Payscout, a global payment processing provider and ETA member that has expanded to six continents and become a noted thought leader for the payments industry, said that during 2015, federal and state lawmakers were looking at the electronic payments industry to help them defend against data breaches made possible by continually evolving technological advances.
“Payscout has grown enormously in the past three years, processing billions of dollars in transactions. The rise of the high-tech electronic payment processing service is foundational to the world’s economy, so security is one of Payscout’s core values,” Brown said. He added, “I take a strong interest in participating in shaping government and consumer security policies so the beneficial growth of this industry continues unabated.”
With the passage of CISA, there can now be a voluntary cybersecurity information sharing process that will encourage public and private sector entities to share cyber threat information, without legal barriers or the threat of unfounded litigation, while at the same time protecting private information. This legislation also includes provisions to improve federal network and information system security, include assessments on the federal cybersecurity workforce, and increase reporting and strategies on cybersecurity in both industry and criminal-related matters.
Brown noted that although privacy advocates have raised concerns over the passage of the bill, it is a bi-partisan effort that has been negotiated to add in consumer protections, and it is widely considered to be a solid piece of legislation. He said many other laws are on the books that already protect consumer privacy and the passage of CISA simply adds cybersecurity into the realm of areas DHS will be able to investigate and protect.
DHS committee chairman Michael McCaul made it clear how important it is that DHS be the sole portal for voluntarily shared information from private companies, and that the bill shall explicitly prohibit military and NSA portals. With regard to the CISA, Chairman McCaul said, “This streamlines the Federal government’s ability to more effectively identify and thwart cyber-attacks.” (1)
Scott Talbott, SVP of government relations at ETA, explained the importance of the law. “The electronic transactions industry is on the forefront of defending against cyber attacks and our industry often sees the initial stages of a cyber attack. The new law, CISA, allows the payments transactions industry to share information about cyber threats with DHS, which helps strengthen cyber defenses and shorten response time.”
Talbott added that, “ETA members like Payscout traveled to Washington D.C. to advocate for CISA. It is this leadership that helped convince Congress of the need for CISA. Leadership like Payscout helped shaped policy and is a direct example of the importance of being involved with government affairs.”