On October 17, 2014, the White House announced that the President signed a new executive order focused on cybersecurity. The signed executive order, entitled Improving the Security of Consumer Financial Transactions (the “Order”), is focused on securing consumer transactions and sensitive personal data handled by the U.S. Federal Government.
The highlights of today’s Order include:
- Securing Federal Payments. To help protect citizens doing business with the U.S. Federal Government, the Order sets forth a new policy that calls for Federal agencies to employ enhanced security features to protect payment processing and payment cards, including the deployment of upgraded payment card terminals at Federal agency facilities that accept chip and PIN-enabled cards.
- Improving Identity Theft Remediation. The Order requires several Federal agencies to support the Federal Trade Commission in its development of IdentityTheft.gov, a new one-stop resource for victims that streamlines the identity fraud reporting and remediation process with consumer reporting agencies.
- Safeguarding Federal Online Transactions. The Order calls for the development of a plan designed to protect personal data that Federal agencies make accessible to citizens through digital applications. The plan will require the digital applications to use multi-factor authentication and an effective identity proofing process.
- Information Sharing. The Order directs expanded information sharing to strengthen the ability of Federal investigators to regularly report evidence of stolen financial and other information to companies whose customers are directly affected.
In addition to signing the Order, the President announced that a cybersecurity and consumer protection summit will be held later this year. The summit will bring together key stakeholders in the consumer financial space to share best practices, promote adherence to stronger security standards and discuss next generation technologies. Several private sector initiatives focused on payment card security and identity theft prevention also were announced, including the rollout of chip and PIN-compatible card terminals at all stores of several large retailers by early 2015. The President also renewed his call for data breach and cybersecurity legislation. Last year, on the evening of the State of the Union Address, President Obama issued the Executive Order on Improving Critical Infrastructure Cybersecurity and a Presidential Policy Directive on Critical Infrastructure Security and Resilience, both of which focused on improving cybersecurity for critical infrastructure sectors.