Data breaches took center stage in 2014 for major corporations and banks alike, fueled by major occurrences with an unprecedented amount of media attention. As companies and consumers pick up the pieces, the conversation is shifting to how data is stored and processed, and who is to blame when a breach takes place.
Retailers fighting back
Recent reports from Independent Community Bankers of America (ICBA) and The Credit Union National Association (CUNA) note that data breaches cost banks millions of dollars per year. Banks and credit unions argue that they should not be forced to foot the bill for retailers’ lack of data security, and have lately taken legal action to dispute their responsibility for the costs. A group of retail advocates including the Retail Industry Leaders Association, the National Retail Federation, and the National Restaurant Association is pushing back, claiming the ICBA and CUNA data is misleading. The counterclaim cites lax card security and an unwillingness to adopt modern technology as key weaknesses in the US financial services system. These lax standards, the group claims, expose consumers to identity theft once data has been breached.
Who makes the best case?
Quarreling banking and retail groups highlight the underlying issue: Data breaches are the new normal for the modern-day organization. Legislation and case law around these issues will eventually help determine who bears the financial responsibility when customer data goes missing.
Staying on the right side of history
Banks and retailers alike can work to start protecting their own interests ahead of pending legislation and case law. Companies can get ahead of the game by proactively implementing tools and processes to help protect customer data and quickly react when a breach occurs. Recent data shows the cost of a data breach – even for small organizations – can be crippling. With a legal and regulatory battle heating up in 2015, being on the cutting edge of data security has never been more important.