From the beginning of cybercrime, retailers have always been one of cybercriminals top targets, just one year ago some of the largest data breaches in history took place. Last year, Target was on the top of that list begin victim to one of the largest data breaches putting more than 100 million customers data as risk. After years and the severity of data breaches, retailers are coming together to create an information sharing center based on attacks, threats, and vulnerabilities.
Information sharing and analysis centers (ISACs) have been a staple in security operations in dozens of industries for over a decade now. Emergency services, health care, IT services, the nuclear industry, and even the maritime industry (ship transport) all have very well comprised information sharing and analysis centers. ISACs allow those organizations to share sensitive data and indicators of attacks among each other to help with detection, prevention and recovery. One of the more successful ISACs is the FS-ISAC, the financial services community.
Despite retailers begin top-tier targets for attacks, the retail industry has never put together an information sharing and analysis center. Now, the industry has put together the first Retail Cyber Intelligence Sharing Center, known as R-CISC. The service includes an ISAC as well as training and research components. Large retailers that have already joined the project include Gap, Lowe’s, Nike, Safeway and Target.
“Retailers place extremely high priority on finding solutions to combat cyber attacks and protect customers. In the face of persistent cyber criminals with increasingly sophisticated methods of attack, the R-CISC is a comprehensive resource for retailers to receive and share threat information, advance leading practices and develop research relevant to fighting cyber crimes,” said Sandy Kennedy, president of RILA.
The R-CISC will also share information with the FBI, the United States Secret Service and the Department of Homeland Security. Sharing such data with government agencies will presumably help agencies discover and uncover attacks at a rapid pace.
“We have seen a sharp increase in the number of malicious actors attempting to access personal information or compromise the systems we all rely on, in the retail industry and elsewhere,” said Dr. Phyllis Schneck, Deputy Under Secretary for Cybersecurity and Communications at the U.S. Department of Homeland Security National Protection and Programs Directorate. “We continue to work with the private sector to create shared situational awareness of potential cybersecurity vulnerabilities. The Retail Cyber Intelligence Sharing Center will further enhance DHS’s collaboration with this important sector of the American economy and will provide information and resources that can help companies keep their networks and the consumer information stored on them safe and secure,” reads the official R-CISC website.