CORRECTING and REPLACING Broad-Based Coalition Supports Cotton Amendment Strengthening Senate Cybersecurity Bill

Amendment Would Enhance Real-Time Sharing of Cyber Threats National Retail Federation

WASHINGTON--()--Please replace the release with the following corrected version due to multiple revisions.

The corrected release reads:


Amendment Would Enhance Real-Time Sharing of Cyber Threats

A broad-based coalition of 10 associations led by the National Retail Federation sent a letter today to Senate leadership in support of an amendment by Senator Tom Cotton to S. 754, the Cybersecurity Information Sharing Act of 2015, that would give liability protection to businesses that share cyber threats with the Federal Bureau of Investigations and the U.S. Secret Service rather than just the Department of Homeland Security.

“NRF is leading the fight against data theft because the retailer-consumer relationship depends on trust, and cyberattacks erode that trust,” said Senior Vice President for Government Relations David French. “Hackers target a wide variety of businesses, but data thefts committed against retailers draw attention because retail stores are names consumers know and places where they shop every day. We are committed to stopping this criminal threat to our customers and the industry.”

Noting in its letter that “A major barrier that prevents the business community from working to combat these unprecedented attacks is the risk of costly frivolous lawsuits,” the coalition urged the Senate to pass CISA and “remove this roadblock to cyber defense.”

The coalition also wrote that CISA would be improved by the amendment being offered by Cotton. As written, the legislation would provide liability protection only when threats are shared with DHS. Under Cotton’s amendment, the protection would be extended to cover sharing with all three agencies. “This amendment recognizes the reality that for non-critical infrastructure sectors, the FBI and Secret Service are our longstanding partners and primary points of contact in fighting cyberattacks,” wrote the coalition. “Anything that hinders essential real-time communication cedes the field to our nation’s adversaries and weakens our economic security.”

NRF has led a sustained campaign over the past decade to address data security and protect retail customers. In addition to advocating for information-sharing legislation like today’s Senate bill, NRF has supported passage of a uniform federal data breach notification law to replace separate laws in 47 states and the District of Columbia. Notification legislation has been a top priority in Congress during 2015, and NRF testified before a Senate hearing in February that a federal law should cover banks, card processors and all entities that handle sensitive consumer data, not just retailers.

To help fight cybersecurity threats to retailers’ systems, NRF has also created the Information Technology Security Council, which keeps retailers up to date on the latest news, information and threats and has more than 150 actively-involved retail companies.

NRF is the world’s largest retail trade association, representing discount and department stores, home goods and specialty stores, Main Street merchants, grocers, wholesalers, chain restaurants and Internet retailers from the United States and more than 45 countries. Retail is the nation’s largest private sector employer, supporting one in four U.S. jobs – 42 million working Americans. Contributing $2.6 trillion to annual GDP, retail is a daily barometer for the nation’s economy. NRF’s This is Retail campaign highlights the industry’s opportunities for life-long careers, how retailers strengthen communities, and the critical role that retail plays in driving innovation.



National Retail Federation
Robin Winchell Roberts, 855-NRF-PRESS


National Retail Federation
Robin Winchell Roberts, 855-NRF-PRESS