Retailers Put Aside Differences, Band Together To Fight Future Massive Hacks

You know that scene in superhero and/or spy movies (and especially in sequels) where the hero and his/her longtime nemesis must begrudgingly band together, if only for one kick-butt scene, to take down a larger foe that could hurt them both? That’s probably the most interesting way to think about today’s announcement from the National Retail Federation.

The NRF announced today that — in the wake of the egg-on-face hack that turned thousands of Target can-scanners into remote ID-theft devices — it is moving forward with a plan to create a platform that would allow retailers to share and stay informed of the latest information related to cybersecurity threats.

The platform is being developed in consultation with the Financial Services Information Sharing and Analysis Center (FS-ISAC), which has been sharing and monitoring threats to banks and other institutions for more than a decade. The NRF hopes to establish its own Information Sharing and Analysis Center this coming June.

“We believe a heightened and well coordinated information sharing platform such as a retail ISAC is a vital component for helping retailers in their fight against cyber attacks,” NRF President and CEO Matthew Shay said in a statement. “Establishing a new program takes time, but time is not our friend when it comes to stopping these sophisticated and unpredictable criminals. The willingness of the FS-ISAC to work with retailers provides our industry with a new and important tool as we explore all of the options available for merchants to protect their customers and their businesses.”

The Target breach resulted in criminals accessing information for more than 100 million Target shoppers during the busy holiday shopping season. It is just one of a number of recent incidents that have consumers, lawmakers, and advocates all asking for higher security standards at the nation’s retail establishments.

Consumers obviously hate these breaches because it means their personal information is being stolen and can be used to make fraudulent purchases. Banks and credit card issuers may hate them even more, as consumers’ liability for fraudulent purchases is very limited (and in many cases, nonexistent), meaning these institutions have to go through the costly process of crediting victims, investigating fraud and issuing new cards and account numbers.