Why Collaboration and Information Sharing is Crucial in Retail Cybersecurity
April 7, 2017
Uniting the Gift Card industry with retail on the cybersecurity front
Recently, CashStar announced it is the first gift card ecommerce provider to partner with the Retail Cyber Intelligence Sharing Center (R-CISC), the trusted cybersecurity community for information sharing and analysis among retailers. One of CashStar’s aims in joining the R-CISC is to encourage risk intelligence sharing among organizations operating in the gift card and prepaid industries, so we have invited Executive Director Brian Engle to share more about the R-CISC.
Who is the R-CISC?
The Retail Cyber Intelligence Sharing Center (R-CISC), is the leading trusted cybersecurity community for retailers, consumer product and service organizations and cybersecurity industry partners. Operating as the retail Information Sharing and Analysis Center (ISAC), we serve as a conduit for collaboration, threat intelligence sharing and cooperation. The R-CISC focuses on building and sustaining valuable programs, partnerships and opportunities that enable our members to grow trust-based relationships, strategic knowledge and tactical capabilities. Our members of all sizes share cyber intelligence on incidents, threats, vulnerabilities and associated remediation and work together to create guidelines and standards for industry-wide cybersecurity practices.
Why are CashStar and the R-CISC working together?
Criminals have demonstrated that gift cards are a growing target in fraud and theft schemes. Gift cards and prepaid issues are currently under-represented within the ‘cyber intelligence sharing’ community. As retail organizations continue to evolve their avenues for profit and sell digital currency offerings, associated risks and evolving threat mitigation need to become a focal point within security teams. CashStar and the R-CISC are partnering to define, develop and deliver a framework to utilize information sharing as a key component to mitigate risk for retailers who issue gift cards. Our collective goal is to increase collaboration and alignment in the industry against shared threats and bad actors.
As merchants and members of the gift card industry, you are part of the community that the R-CISC supports. We are dedicated to helping you and your industry peers strengthen internal cybersecurity practices.
What are today’s cybercrime trends and what is the R-CISC doing to stop them?
One of the ways we help to outline issues and work with partners to define solutions is around disrupting the cybercrime model.
Today’s hackers are persistent and pursue their targets in a distributed way that they can scale to maximize results. This enables criminals with lesser skills to attack using a marketplace of criminal tools, while also enabling organized groups to attack large segments of the industry concurrently. Retailers, merchant services and other sectors are forced to respond to the rising tide of fraudulent transactions, account takeover attacks, identity theft, gift card and other fraud activities with decisive action.
The R-CISC works closely with our members to identify variations in attacker intrusion methods and increase visibility of attacker patterns and behaviors. As an additional measure, R-CISC members have recently announced the formation of a retailer-led, fraud focused working group built to empower members through collective efforts poised to produce guidelines and share solutions to fraud problems. It’s become quite clear: cybersecurity professionals simply can’t prevent criminal activity if they’re operating in a vacuum. We need to work together for effective prevention.
How can I leverage the R-CISC?
We invite you and your security team to R-CISC’s Retail Collaboratory event, a member-driven event taking place May 9-10th in Frisco, Texas. We will be bringing together a unique group of strategic leaders, threat intel experts and fraud professionals. Specifically for the fraud group, there will be sessions around expanding on the cyber kill chain model, account takeover tracking and mitigation strategies, the implications of the attacker ecosystem, and the kick-off of a fraud specific working group that will begin the ongoing work of expanding the cybercrime kill chain model. CashStar’s Jeremy Ward will be speaking on gift card fraud, and will help launch the ongoing fraud working group at the event.
For more information on Retail Collaboratory or to RSVP, please visit www.collaborate.r-cisc.org. Use the promo code ‘CASHSTR’ for complimentary registration.