Retailers Form ISAC to Share Threat Data

From the beginning of the cybercrime epidemic, retailers have been among the most frequent targets, and the last year has seen some of the larger compromises in history. The Target data breach is at the top of that list, involving more than 100 million customers, and after years of increasingly serious compromises the retail industry is finally getting together to share information about attacks, threats and vulnerabilities.

Information sharing and analysis centers (ISACs) have been a staple of security operations in many industries for more than a decade now. Health care, communications, emergency services, IT, the nuclear industry and even the maritime industry all have well-established ISACs, through which member organizations can share sensitive data and indicators of compromise among themselves to help with detection, prevention and recovery. Perhaps the most successful of the ISACs is the FS-ISAC, which serves the financial services community, a group of companies that clearly has much at stake and therefore has been at the forefront of establishing programs and initiatives for its members.

Despite its status as a top-tier target for attackers for most of recorded time, the retail industry had never gotten around to putting together an information-sharing center. Now, the industry has put together the Retail Cyber Intelligence Sharing Center, known as R-CISC, that includes an ISAC as well as training and research components. The organization comprises a number of prominent retailers, including Safeway, Nike, Gap, Lowe’s and Target.

“Retailers place extremely high priority on finding solutions to combat cyber attacks and protect customers. In the face of persistent cyber criminals with increasingly sophisticated methods of attack, the R-CISC is a comprehensive resource for retailers to receive and share threat information, advance leading practices and develop research relevant to fighting cyber crimes,” said Sandy Kennedy, president of RILA, an industry organization.

The R-CISC also will be sharing information with the FBI, the United States Secret Service and the Department of Homeland Security. Law enforcement officials have had a tenuous relationship with the private sector when it comes to information sharing for many years, mainly because private security officials have seen the relationship as a one-way street, with no help coming back from the government.

“We have seen a sharp increase in the number of malicious actors attempting to access personal information or compromise the systems we all rely on, in the retail industry and elsewhere,” said Dr. Phyllis Schneck, Deputy Under Secretary for Cybersecurity and Communications at the U.S. Department of Homeland Security National Protection and Programs Directorate. “We continue to work with the private sector to create shared situational awareness of potential cybersecurity vulnerabilities. The Retail Cyber Intelligence Sharing Center will further enhance DHS’s collaboration with this important sector of the American economy and will provide information and resources that can help companies keep their networks and the consumer information stored on them safe and secure.”

Image from Flickr photos of Andika Murandi.