The Retail Industry Leaders Association (RILA) today expressed support for continued public-private cooperation to combat cyber threats. In testimony submitted to the Senate Commerce, Science and Transportation Committee, Jennifer Safavian, Executive Vice President of Government Affairs at RILA, outlined steps leaders in the retail community have taken to enhance cybersecurity and specifically pointed to the National Institute of Standards and Technology (NIST) Cybersecurity Framework as a useful tool in measuring cybersecurity posture.
The full committee hearing entitled, "Building a More Secure Cyber Future: Examining Private Sector Experience with the NIST Framework" acknowledged progress made by NIST in the way of cyber-threat information sharing and examined ways to enhance public-private cooperation in thwarting attacks. Safavian's testimony emphasized the importance of establishing voluntary and industry-led standards for cybersecurity that address dynamic technology challenges faced by retailers.
The full testimony can be read here: http://bit.ly/1DdYUFa
Excerpts from the testimony:
"As leaders in the retail community, we are taking new and significant steps to enhance cybersecurity throughout the industry. To that end, RILA formed the Retail Cyber Intelligence Sharing Center (R-CISC) in 2014 in partnership with America's most recognized retailers. The Center has opened a steady flow of information sharing between retailers, law enforcement and other relevant stakeholders. These efforts already have helped prevent data breaches, protected millions of American customers and saved retailers millions of dollars. The R-CISC is open to all retailers regardless of their membership in RILA."
"For years, RILA members have been developing and deploying new technologies to achieve pioneering levels of security and service. The cyber-attacks that our industry faces change every day and our members are building layered and resilient systems to meet these threats. Key to this effort is the ability to design systems to meet actual threats rather than potentially outdated cybersecurity standards that may be enshrined in law. That is why development of any technical cybersecurity standards beyond a mandate for reasonable security must be voluntary and industry-led such as the standards embodied in the National Institute of Standards and Technology Cybersecurity Framework. RILA members using the Framework have found it to be a helpful tool in evaluating their cybersecurity posture and support the continued use of voluntary, industry-led processes as a key method of addressing dynamic technology challenges."
RILA is the trade association of the world's largest and most innovative retail companies. RILA members include more than 200 retailers, product manufacturers, and service suppliers, which together account for more than $1.5 trillion in annual sales, millions of American jobs and more than 100,000 stores, manufacturing facilities and distribution centers domestically and abroad.