網絡安全引發美國銀行業與零售業爭執
Banks are gearing up for a big fight with retailers over who covers the cost of cyber attacks after paying most of the bill for breaches that they blamed on retailers’ own security deficiencies.
銀行正準備與零售商展開一場重大較量,焦點是誰應承受網絡攻擊所造成的成本。此前銀行承擔了侵入事件的大部分成本,儘管它們將這些侵入歸咎於零售商自身的安全缺陷。In a rare show of unity, industry bodies that represent banks are banding together to urge lawmakers to introduce legislation that would force retailers to pay for the clean-up themselves during the new session of Congress next year.
代表銀行的若干家行業組織罕見地團結起來,聯手敦促美國新一屆國會在明年開會期間出臺新的法律,迫使零售商自行承擔清理工作的成本。
The tussle between the two sectors comes as cyber attacks become an increasingly common problem for companies and highlights the difficulties in deciding who is responsible for costs. Attacks on retailers Home Depot and Target, for example, affected almost 100m credit cards in the past year.
這兩個行業展開爭鬥之際,網絡攻擊正成爲企業面對的一個日趨普遍的問題,突顯出在確定誰該買單問題上的困難。例如,黑客對零售商家得寶(Home Depot)和塔吉特百貨(Target)發起的攻擊,在過去一年裏影響了近1億張信用卡。
“This is an equity argument,” said Cam Fine, head of the Independent Community Bankers of America, which has about 5,000 members. “If it was Home Depot’s data security system that was breached, shouldn’t they have to reimburse banks for all the costs, since it wasn’t the banks’ fault? ”
“這是一個有關公平的主張,”擁有大約5000個會員的美國獨立社區銀行家協會(Independent Community Bankers of America)的負責人卡姆•法恩(Cam Fine)表示,“如果是家得寶的數據安全系統遭到侵入,那麼既然不是銀行的過錯,他們難道不應該補償銀行付出的所有成本嗎?”The data breach at the retailer, which the company reported in September, cost community banks and credit unions at least $160m to reissue cards and pay for other services related to the attack. Home Depot estimated that the breach cost the company at least $62m.
這家零售商9月份報告的數據失竊事件,已導致社區銀行和信用社支出至少1.6億美元重發新卡,以及爲與應對這次攻擊有關的其他服務買單。家得寶預計,此次侵入事件給該公司造成至少6200萬美元的成本。“The weak link in the system today is on the merchant end,” the National Association of Federal Credit Unions and the Credit Union National Association wrote last week to retailer groups. “As long as the security standards on the merchant side of the system are weaker than those on the financial institution side of the system, the vulnerability for consumers and financial institutions will be at your feet.”
“當今系統中的薄弱環節是在商家這頭,”聯邦信貸協會全國聯盟(NAFCU)和美國信用社協會(CUNA)上週致函零售商團體稱,“只要系統中商家這頭的安全標準弱於金融機構這頭,消費者和金融機構的脆弱性就是由貴方造成的。”Banks and retailers have sparred for years over transaction costs, but the latest spate of cyber attacks has heightened animosity between the two groups. Retailers’ representatives rejected the banking industry’s claims. “The suggestion that retailers pay nothing is demonstrably false,” said Brian Dodge, executive vice-president at lobby group, the Retail Industry Leaders Association.
銀行和零售商圍繞交易成本已爭吵多年,但圍繞網絡攻擊的最新口水戰加劇了這兩個羣體之間的敵意。零售商的代表不接受銀行業的主張。“有關零售商沒有付出任何代價的說法顯然是不實的,”遊說團體——美國零售業領導者協會(RILA)執行副總裁布賴恩•道奇(Brian Dodge)表示。The costs of unauthorised transactions on hacked credit cards were shared evenly between retailers and banks over time, he added. “This is an effort by the banks to obscure reality and benefit from an issue that’s a challenge to many businesses, not just retailers,” he said.
他補充說,被黑的信用卡所帶來的未授權交易的成本,長期而言是在零售商和銀行之間均勻分擔的。“這是銀行的一個企圖,目的是掩蓋現實,從一個對衆多企業——而不僅僅是零售商——都構成挑戰的問題中撈取好處,”他說。‘There is more of an urgency to do something because these breaches keep.'
“現在有更大的緊迫性採取對策,因爲這類侵入事件越來越多了。”
