Press

NAFCU Letter to HFSC SC on oversight and investigations ahead of today’s hearing, “A Global Perspective on Cyber Threats”

The Honorable Sean P. Duffy                        
Chairman                                                        
Subcommittee on Oversight and Investigations                                         
Financial Services Committee                         
U.S. House of Representatives                      
Washington, D.C. 20515

The Honorable Al Green
Ranking Member
Subcommittee on Oversight and Investigations
Financial Services Committee
U.S. House of Representatives                      
Washington, D.C. 20515    

Re:      Tomorrow’s Hearing, “A Global Perspective on Cyber Threats”

Dear Chairman Duffy and Ranking Member Green:

On behalf of the National Association of Federal Credit Unions (NAFCU), the only trade association exclusively representing our nation’s federally chartered credit unions, I write today regarding tomorrow’s hearing, “A Global Perspective on Cyber Threats.” Credit unions serve over 100 million members across the country and we appreciate your attention to this important matter.

NAFCU supports the strengthening of existing mechanisms in place to address cybersecurity issues such as the Financial Services Sector Coordinating Council (FSSCC) and the Financial Services Information Sharing and Analysis Center (FS-ISAC). These organizations work closely with partners throughout the government creating unique information sharing relationships that allow threat information to be distributed in a timely manner.  NAFCU also has worked with the National Institute of Standards and Technology (NIST) on the voluntary cybersecurity framework released in 2013 designed to help guide financial institutions of varying size and complexity relative to reducing cyber risks to critical infrastructure.  Protecting our nation’s cyber infrastructure is a key element of protecting our financial system.

In addition to addressing cybersecurity needs, NAFCU is hopeful that Congress will also soon take legislative action to address ongoing data security breaches at our nation’s retailers.  Data security is an important part of the cybersecurity discussion and every time a consumer uses a plastic card for payment at a register or makes online payments from their accounts, they unwittingly put themselves at risk of criminals who would hack in to merchant systems and steal their information. Traditionally consumers have trusted that entities collecting this type of information will, at the very least, make a minimal effort to protect them from such risks. Unfortunately, in the wake of several headline grabbing retailer breaches in recent months, this does not seem to be the case today.

NAFCU believes legislation pending before the committee, H.R. 2205, the Data Security Act of 2015, would help address these concerns. This legislation would create a national standard of data security for all industries that handle sensitive information based on the standards in Gramm-Leach-Bliley Act (GLBA), a key priority of NAFCU. We are also pleased that it would recognize that it is not productive to duplicate data protection and consumer notice requirements that are already in place for credit unions under GLBA.  We urge the committee to support this legislation and move it to mark-up as soon as possible.

Thank you for your attention to this important matter. We look forward to tomorrow’s hearing and working with the committee as you move forward in addressing cyber and data security issues.  If my staff or I can be of assistance to you, or if you have any questions regarding this issue, please feel free to contact myself, or NAFCU’s Director of Legislative Affairs Jillian Pevo at (703) 842- 2836.

Sincerely,

Brad Thaler
Vice President of Legislative Affairs

cc: Members of the Subcommittee on Oversight and Investigations

More News