WASHINGTON – Yesterday, the Merchant Financial Cyber Partnership, of which NACS is a partner, hosted its 2014 Merchant-Financial Services Cybersecurity Summit, in Washington, D.C. With more than 150 industry leaders, policymakers and members of the media in attendance, the summit viewed the topic of “Cybersecurity: Protecting the Payments system” from various perspectives over the course of three 45-minute panels.

Former Minnesota Governor Tim Pawlenty, now CEO of Financial Services Roundtable, opened the event by sharing the statistic that between May 2013 and May 2014, the data of more than 110 million Americans (almost half of the U.S. adult population) was compromised through cybercrime and security breaches. This fact set the tone for the rest of the summit, during which participants from government, financial and merchant sectors all emphasized the severity of the cybercrime landscape and the need for urgent action.

Panelists in the first session, “Regulatory Landscape in Congress: Cyber Security Legislation and Information Sharing,” painted a grim picture of the state of cybercrime today — as U.S. companies and the government confront attacks from nations such as China and Russia, as well as international organized crime groups and traditional hackers — summed up by U.S. Representative Mike Rogers’ statement that “We are in a cyber war … we just don’t know it yet.” Rogers, along with fellow panelists U.S. Senator Saxby Chambliss and White House Cybersecurity Coordinator Michael Daniel, all spoke about the importance of information sharing, with Chambliss describing it as “the guts” of any legislation that Congress will pass (in this or future legislative sessions), to address cybercrime responses. And, without a doubt, the panelists all emphasized that it is essential for Congress to pass cybercrime legislation sooner, rather than later — and well before the U.S. experiences a more severe breach than has already occurred.

The second panel, comprised of speakers from the retail and financial sectors along with an FBI cybercrime expert, followed up in more detail on strategies and challenges for information sharing in the session, “Information Sharing: Industry and Government View.” Building trust and developing strong communication among various corporate entities and the government is a key piece — and one of the biggest challenges — to effective information sharing. Retail Industry Leaders Association (RILA) Senior Vice President Suzie Squier acknowledged that retailers have increasingly come together to form coalitions, with the ongoing goal of creating info sharing among merchants. Joseph Demarest, assistant director of the FBI Cyber Division echoed this sentiment of collaboration, saying that more and more the FBI is learning from the private sector and vice-versa, in order to jointly combat the looming cybersecurity threat.

The summit’s final panel, the payments-focused “Payments Security: How Can Advancing Technologies Help Payments Security?,”  featured Walmart’s Senior Director for Payment Strategy Reed Luhtanen, MasterCard’s Chief Payment System Integrity Office Nancy O’Malley, and event co-sponsor Bloomberg Government’s Senior Technology Analyst Afzal Bari discussing what’s new and next on the payment security horizon, from EMV to tokenization and everything in between … including discussion of the just-announced Apple Pay system. “There is no silver bullet,” cautioned Luhtanen, who recommends a layered approach to payment security, including tokenization, EMV, cardholder authentication and sunsetting outdated technologies. All three panelists emphasized the need to develop and deploy new technologies quickly, with a forward-looking approach in order to better anticipate the payments landscape and evolving cyber threats for several years down the road. The conversation also focused on the consumer behavior that drives so much of the payments industry, with Luhtanen reminding attendees that, despite the excitement over Apple Pay and the greater security of mobile payments, the majority of customers at Walmart still pay by cash, and even personal checks. In the end, said O’Malley “It’s really about building a better ecosystem for everyone. We all share the goal of a better, safer experience for consumers. At the heart of this is the overall consumer experience and we’re all working together to build transparency to educate customers on new technology and how it can be utilized.”

“Today’s event highlighted the extensive efforts merchants are making to address data theft,” said NACS Director of Government Relations Paige Anderson. “We need all stakeholders to have a real voice in security standards to ensure the best protection for consumers and businesses.”