Retailers, banks, insurance companies, and government agencies have all seen an increase in cyberattacks. The consequences can range from supply chain delays to customer data loss to reputation damage. With such serious consequences, increased security is an issue that has been on the agenda in Washington for a long time. Luckily, the U.S. has called for stricter cybersecurity measures to protect consumers and businesses. Take a look at what has already taken place and learn what you can expect in the future.
Double Line of Defense: Chip and PIN
Currently, U.S. consumers use chip-and-signature credit cards, which offer just a single line of defense against identity theft. Chip-and-PIN cards, however, offer extra protection for both online and physical purchases.
In 2015 President Obama signed an executive order requiring all credit cards issued to government workers to have both PIN number and a Europay, MasterCard, and Visa (EMV) chip. This creates a double line of defense against criminals and forces banks to set up the infrastructure to support these types of credit cards for consumers on a large scale. The U.S. government hopes that a move to chip-and-PIN cards will take place in 2016 or 2017, although no specific timeline has been announced.
Security Breach Notification Law
Another thing that the Obama administration has implemented is a security breach notification law. Essentially, whenever a company experiences a data breach during which customer information becomes compromised, the company must notify all of its customers. The law has forced big companies like Target to issue consumer notifications, and coverage of such notices has become more and more frequent in the media. While much has been done, creating a standard data breach law across all states requires more reform.
Supply Chain Information Risk Assurance Process
The Information Security Forum has developed a supply chain information risk assurance process to help businesses secure their supply chains. They’ve looked at federal law related to information security in order to create these guidelines. Ultimately businesses can take a several actions to minimize the risk of cyberattacks.
One major problem is that global supply chains rely heavily on shared information among manufacturers, suppliers, distributors, and partners. This dependence on shared information makes it difficult for companies to secure all customer information throughout the supply chain. This is especially problematic since businesses don’t always have control over who their partners do business with through all the tiers. Many cyberattacks target this vulnerability specifically. It’s more important than ever for businesses to incorporate cyberattack clauses into their risk management plans.
When consumers first began to rely on online shopping over a decade ago, many online users hesitated to use the technology because they were afraid of having their credit card information compromised. After a series of data breaches, many users have slowly begun to revert back to that mentality. In reality, consumer information is at risk whether users make a purchase with a credit card online or in a physical store. That’s why the federal government is making strides to secure consumer information by implementing laws and guidelines that deter cyberattacks.