Menendez blasts Citi’s handling of data breach

{mosads}The exchange occurred at a Senate Banking Committee called to consider a new White House proposal that would give the Department of Homeland Security the authority to ensure private-sector networks deemed crucial to national security meet government-approved security standards. 

Financial institutions are deemed part of the critical infrastructure that presumably DHS would control under the proposal. 

At the hearing, the Consumer Data Industry Association warned that the new DHS mandate could conflict with existing regulations and the oversight of the Consumer Financial Protection Bureau. It also warned against attempts to deal with consumer privacy issues in any bill dealing with consumer data protection.

Williams warned that new restrictions should be placed on all stakeholders, not just the financial sector. His group opposes any proposals to give the executive branch unlimited powers to remove access to the Internet-related to suspected data breaches.

Kevin Streff, a Dakota State University professor, argued that new requirements on small banks could be damaging because correcting a data breach costs some $202 per financial record stolen. He argued that small businesses are the ones failing even to install basic anti-virus programs and shifting burdens onto small banks might be the wrong approach.

Sen. Jack Reed (D-R.I.) at the hearing probed the issue of whether legislation should give new powers to U.S. law enforcement to audit offshore data processing centers.

Pablo Martinez, a deputy special agent the U.S. Secret Service detailed the difficulties his agency now has in dealing with foreign jurisdictions.