Starbucks CISO Dave Estlick to Keynote at 2019 Retail Cyber Intelligence Summit

August 15, 2019  RH-ISAC Events

Dave Estlick, CISO of Starbucks In his keynote session, “Creating Operational Efficiencies Through Orchestration and Automation,” at our upcoming Retail Cyber Intelligence Summit, Dave Estlick, CISO of Starbucks discusses how the talent gap is and remains a consistent pain point for organiza...


The Threat of Online Skimming to Payment Security

August 1, 2019  PCI Security Standards Council

Below we cover basic questions with PCI SSC Chief Technology Officer Troy Leach about a newly released bulletin by the PCI SSC and RH-ISAC on the topic of digital skimming and how to detect and prevent this dangerous threat. For more information about best practices for detection and prevention, re...


Two-Birds, One Stone: Invest in Both Cybersecurity Operations and Employee Growth

July 23, 2019  Root9B

The growing threat landscape has amplified a need for talent and tools to better understand, interoperate, and thwart cyber threats. Through the RH-ISAC’s trusted partnerships with Associate members, retail and hospitality cybersecurity practitioners are able to gain knowledge and build skills in...


Ulta Beauty CISO Diane Brown to Speak at Upcoming Retail Cyber Intelligence Summit

July 18, 2019  RH-ISAC Events

Diane Brown, senior director of IT risk management and CISO at Ulta Beauty, will be leading a breakout session at the upcoming Retail Cyber Intelligence Summit taking place September 24-25, 2019 at the Four Seasons Hotel in Denver, Colorado. Diane Brown, senior director of IT risk management ...


Retail and Hospitality Threat Trend Report

July 12, 2019  RH-ISAC

Retail and hospitality industries are in the midst of a technology adoption boom. Digital channels are being expanded as consumers go online at all stages of the purchase process—from information gathering, to pre-purchase, to post-purchase service. RH-ISAC and Accenture Security's iDefens...


New Report: The State of Cyber Intelligence in the U.S.

July 11, 2019  Hollen Barmer, Study Contributor, Carnegie Mellon University and Jared Ettinger, Cyber Intelligence Researcher, Carnegie Mellon University

How do organizations across the United States perform cyber intelligence? A new report from the Software Engineering Institute (SEI) reveals what we’re getting right, where we could improve, and what the future looks like. In 2018, researchers at the Carnegie Mellon University SEI set out to a...


Viva Las Black Hat 2019

July 10, 2019  RH-ISAC Events

RH-ISAC is excited to attend the 22nd annual Black Hat conference in fabulous Las Vegas this August. We expect to see many of our members in attendance and we want you to know that for RH-ISAC, Vegas means business. Read on to see how we will be spending our time in Vegas. RH-ISAC General Meet &...


HiddenWasp and the Emergence of Linux-based Threats

June 26, 2019  Intezer

The Linux threat ecosystem is crowded with IoT DDoS botnets and crypto-mining malware. However, with low detection rates in nearly all leading anti-virus solutions, Linux threats pose new challenges to the information security community that have not been observed previously in other operating syst...


Progress in the Global Fight against Fake Emails

June 19, 2019  Dylan Tweney, VP of Research and Communications, Valimail

Valimail has been doing rigorous analysis on the data behind email frauds since the company’s earliest days. And we’ve been publishing research reports based on that deep insight for several years. Valimail’s research program now sets the industry standard for reliable, hype-free data on ...


How To Mitigate Account Takeover In Retail

May 24, 2019  Alexandra Brown, Retail & Hospitality ISAC

RH-ISAC article featured on Retail IT Insights. The below is an excerpt from the article. For the full post, visit: Online shopping is pervasive, especially as more and more retailers expand their digital commerc...


Collective Genius, Common Purpose In-Person Events Build Relationships, Trust

May 2, 2019  Adam Hirsch, SVP & Head of Information Security, PVH Corp.

As an information sharing and analysis center, the RH-ISAC provides many ways for information security teams to share not only IOCs but also information on processes, technology and other insights. As Suzie shared in her last letter, our membership community is very active in sharing – whether it...


Giving Back and Growing Simultaneously

April 26, 2019  Nathan Chandler

Thank you to those who attended last week’s regional Intelligence Workshop at Walgreens University! Being a part of Walgreens Boots Alliance allows our team access to a wide array of resources that we are happy to share with the RH-ISAC member community. It was awesome to host more than 20 pr...


Social media is a threat actor’s recon tool

April 24, 2019  Harpreet Kalra

Social media networks like Facebook, Instagram, Twitter and LinkedIn were originally designed to connect people all over the world. Now, it has become an active underworld for threat actors seeking personal and organizational information from users. Social media has become a reconnaissance tool –...


Building Strength In Our Pack, by Jim Cameli, VP & Global CISO, Walgreens Boots Alliance

April 2, 2019  Jim Cameli, VP & Global CISO, Walgreens Boots Alliance

For the strength of the pack is the wolf, and the strength of the wolf is the pack.“The Law for the Wolves” by Rudyard Kipling This is a favorite line of mine from Rudyard Kipling and one I truly believe sums up the value associated with being a member of the RH-ISAC. Our people, our ...


Member Spotlight

February 25, 2019  Angeline Button

Managing time to complete intelligence sharing is a huge priority for Peer Choice Winner Angeline Button. She manages to be a rock-solid resource for not only the intel sharing community, but as a strong female influence in cyber security. Angeline is the practice lead of Threat Hunting & Intellig...


We’ve Changed Our Name, but the Mission Remains the Same

February 21, 2019  Suzie Squier

The RH-ISAC was built to create a secure place for retailers to share cybersecurity information and intelligence to not only better protect their own companies, but to also strengthen the entire sector – a rising tide lifting all boats. What started with about 30 companies coming together in Pitt...


Enhance your Cybersecurity Stance with the RH-ISAC’s Hands-on Workshops

January 22, 2019  Alexandra Brown

It’s no secret that retail, hospitality and consumer-facing companies face cybersecurity concerns. Security breaches damage the trust customers have in a brand, hurt revenue and may even cause permanent damage to the brand. Every indicator suggests that cyberattacks will continue to strike our...


From Physics to Cybersecurity: An Interview with RH-ISAC Board Member, Scott Howitt

January 15, 2019 

We recently interviewed RH-ISAC Board Member, Scott Howitt about his involvement with the RH-ISAC and his thoughts for its future. After several retail breaches of 2014, he knew he wanted to be part of the solution to safeguard organizations and their customers. He sees opportunities to use new tech...


The Results Are In! The RH-ISAC’s 2018 Member Satisfaction Survey

January 3, 2019  Jennifer McGoldrick-Stenberg

Retail and hospitality members: This one’s for you. At the heart of any membership organization is its members – and in an industry that’s as transformative as ours, we’re proud to do our part helping all of you make retail more secure. That’s why the RH-ISAC and its Engagement Committee l...


Putting Out Fires on Multiple Fronts

December 19, 2018  Suzie Squier

If there's a fire to put out in the Charlottesville, VA, area, you'll probably find Alex Belgard there – whether it's an actual fire or the cyber kind. As team lead of network and security for Crutchfield Corporation, Alex leads the security team for the privately held, online retailer that speci...


Six Quick Wins To Fight ATO This Holiday Season

November 19, 2018  RH-ISAC Team

‘Tis the season where retailers see a much higher volume of sales, both in stores and online. This makes it harder to detect anomalous traffic, and it is impractical to block IP ranges based upon geography, because online sales can be global. Retail staff is motivated and focused upon sales, at th...


An Interview with RH-ISAC Board Director: Ken Athanasiou

November 12, 2018 

We recently interviewed RH-ISAC Board Director, Ken Athanasiou, Vice President and Chief Information Security Officer, AutoNation, Inc., about his involvement with the RH-ISAC and his thoughts for its future. He feels that cooperation and communication are vital if retailers are to be successful i...


An Interview with RH-ISAC Board Chair, Colin Anderson

October 23, 2018  Colin Anderson, VP, IT & Global CISO, Levi Strauss

We recently interviewed new RH-ISAC Board Chair, Colin Anderson about his involvement with the RH-ISAC and his thoughts for its future. He sees opportunities to help members implement effective controls to manage their respective cybersecurity risks.   RH-ISAC: Can you tell us a bit about you...


The 2018 Summit: A Conference that Felt More Like a Team Meeting

October 9, 2018  RH-ISAC Team

The RH-ISAC celebrated its most successful Summit to date with a fascinating closing keynote by LTG John Mulholland Jr (Ret), commander of the “horse soldiers” of the Iraqi Freedom campaign, who gave attendees advice on great leadership: Leadership demands moral courage—be equal to it! It woul...


Day One of the Retail Cyber Intelligence Summit is a Wrap!

October 3, 2018  RH-ISAC Team

RH-ISAC's third annual Retail Cyber Intelligence Summit kicked off yesterday with a keynote from Doug Stephens, the Retail Prophet and continued with a full schedule of sessions. Topics included everything from Building a Threat Intelligence Program,  Utilizing Dashboards and Metrics to Drive Perfo...


RH-ISAC Interviews: Members of Target’s Information Security Team

September 28, 2018  Target Cybersecurity Team

“Cyber security shouldn’t be considered a competitive advantage, but a collaborative effort,” writes Rich Agostino, CISO, Target—and speaker at the 2018 Retail Cyber Intelligence Summit. As part of our series from speakers and sponsors of this year’s Summit, we recently asked members of ...


Three Security Lessons to Keep in Mind Leading Up To the RH-ISAC Summit

September 26, 2018  By Heather Howland, VP of Marketing, Preempt

By Heather Howland, VP of Marketing, Preempt It’s never been more important for retailers to harden their cybersecurity posture— especially given the documented trend of intensified attacks on retailers during the rapidly-approaching holiday season. We’re excited to attend the 2018 Retail ...


The Need for Cyber Threat Intelligence: What Are we Concerned About? Part 2

September 24, 2018  Tommy McDowell, Sr. Director, ISAC, RH-ISAC

Cyber threat intelligence (CTI) requirements guide not only what intel is collected, but also how it is analyzed and used for IR, the SOC analyst and the business, as well. Developing a good set of requirements helps the organization: Monitor the right threat actors Collect the most usefu...


RH-ISAC Interviews: Tae Kim, Capital One

September 20, 2018  Tae Kim, Sr. Mgr., Cyber Intelligence, Capital One Financial Corporation

“The window of time we had to stop the leveraging of known vulnerabilities, has now seemingly turned into an advantage for the advanced threat actors.,” writes Tae Kim, Senior Manager, Cyber Intelligence at Capital One Financial Corporation —and speaker at the 2018 Retail Cyber Intelligence S...


RH-ISAC Interviews: Doug Stephens, Retail Futurist

September 18, 2018  Doug Stephens, Retail Futurist

“Isolationism makes everyone less safe,” writes Doug Stephens, Retail Futurist —and Opening Keynote speaker at the 2018 Retail Cyber Intelligence Summit. As part of our series from speakers and sponsors of this year’s Summit, we recently asked Doug to respond to a few questions about the f...


RH-ISAC Interviews: Jamie Butler, Endgame

September 17, 2018  Jamie Butler, CTO, Endgame

“. . .the speed to weaponize a vulnerability has decreased down to days from the first PoC.” writes Endgame’s CTO, Jamie Butler. As part of our series from speakers and sponsors of this year’s Retail Cyber Intelligence Summit., we recently asked Jamie to respond to a few questions about the...


Webinar Recap: Implementing Multifactor Authentication for E-Commerce

September 14, 2018 

NIST Releases Cybersecurity Guide to Help Reduce Online Retail Fraud Over the past several months, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) has been collaborating with retailers and technology vendors on a cybersecurity pro...


RH-ISAC Interviews: Justin Swisher, Anomali

September 13, 2018  Justin Swisher, Security Strategy Manager, Anomali

“Organizations are recognizing that threat intelligence supports decision making, informs incident response and drives threat hunting,” writes Justin Swisher, Security Strategy Manager at Anomali—and speaker at the 2018 Retail Cyber Intelligence Summit. As part of our series from speakers and...


RH-ISAC Interviews: Phillip Miller, Brooks Brothers

September 11, 2018  Phillip Miller, Head of Infrastructure & CISO, Brooks Brothers

“If our designers, buyers and innovators are hamstrung by security in the pursuit of product development, they will either go around us or fail to produce expected outcomes,” writes Phillip Miller, Head of Infrastructure & CISO, Brooks Brothers—and speaker at the 2018 Retail Cyber Intelligence...


The Need for Cyber Threat Intelligence: What Are we Concerned About?

September 4, 2018  Tommy McDowell, Sr. Director, ISAC, RH-ISAC

This is one of a series of posts addressing key threats to the retail sector in an attempt to identify which information assets and systems must be protected, and to examine the value of identifying adversaries and intelligence consumers. Today, the most serious data breaches and disruptions resu...


Targeting the Supply Chain

August 23, 2018  Retail ISAC Team

Threat actors are increasingly targeting supply chain organizations to get around ever more hardened corporate perimeters, modifying their products to achieve a range of potential effects, such as cyber espionage, organizational disruption or demonstrable financial impact. According to a recent r...


RH-ISAC Recaps Black Hat 2018

August 14, 2018  Retail ISAC Team

BlackHat USA is one of the world's leading information security events, providing attendees with the very latest in research, development and trends. This year’s conference was no different and delivered its attendees with an extensive amount of valuable insight. The RH-ISAC Threat Intelligence Te...


We’re Just Weeks Away from Informative Sessions and Great Networking

August 10, 2018  Suzie Squier, Executive Director, RH-ISAC

We’re just about two months away from the 2018 Retail Cyber Intelligence Summit in Denver. The RH-ISAC will have organized more than 20 sessions to help members better prepare for future challenges in cyber security. This year’s Summit follows our tradition of an RH-ISAC member-driven agenda wit...


Credential Harvesting

August 1, 2018  Retail ISAC Team

Numerous attack campaigns in the past couple of months have demonstrated a common tactic used by cybercriminals and state-sponsored attackers alike―credential harvesting. According to the Verizon 2017 Data Breach Investigation Report, 81% of hacking-related breaches leverage either stolen, default...


New Authentication Standards Help Merchants Reduce Risk and Checkout Friction 

July 18, 2018  Brett McDowell, Executive Director, The FIDO Alliance

By Brett McDowell, Executive Director, The FIDO Alliance With attacks shifting away from POS terminals to web and mobile channels, the risk of data breach and account fraud for online retailers is skyrocketing, but new global standards developed jointly by the FIDO Alliance and the W3C are being ...


Third Party Vendor Risks

July 5, 2018  Retail ISAC Team

The threat landscape has transformed significantly over the last decade. As organizations have invested in security controls, tools and personnel to combat threats, threat actors have found other ways to infect systems and ultimately compromise organizations. As a result, threat actor groups have be...


Phishing-As-A-Service (PHASS) Platforms and Frameworks

June 20, 2018  Retail ISAC Team

PHISHING-AS-A-SERVICE (PHAAS) allows attackers to create individual phishing campaigns, schedule and process emails and a lot of other related procedures that are involved in phishing computer targets. While most currently available PhaaS platforms are designed to test the resilience of organization...


Collaboration in the Twin Cities – Recap of Minneapolis’ Regional Intelligence Workshop

June 13, 2018  Alexandra Brown, Program Director, RH-ISAC

The commitment to increasing retailer’s cyber security posture via collaboration, partnership and sharing threat intelligence was evident at the RH-ISAC Regional Intelligence Workshop, hosted at member company Target’s headquarters June 7. Rich Agostino, Target’s CISO, kicked things off with a...


Compromised Point-of-Sale Data Remains a Staple Among Fraudsters

June 9, 2018  By Kathleen Weinberger and Roman Sannikov, Flashpoint

By Kathleen Weinberger and Roman Sannikov Below is a featured blog post from associate member Flashpoint. This comes as a follow-up to the webinar they presented recently to the RH-ISAC membership. We thank them for their expertise and willingness to share and support the RH-ISAC's community of r...


RH-ISAC goes to Canada

June 9, 2018  Jennifer McGoldrick-Stenberg, Director, Membership & Operations, RH-ISAC

We took our workshop tour to Canada on Tuesday to host the first RH-ISAC Canadian Retail Cybersecurity Invitational with our partner, Deloitte. The one-day gathering brought cybersecurity professionals together from Canada’s leading retail, grocer, consumer products, entertainment, and hospitality...


We Need to Be All In

June 6, 2018  Suzie Squier, Executive Director, RH-ISAC

By: Suzie Squier, Executive Director, RH-ISAC Whether it was working with legal counsel to determine what information can be shared, or in internal discussions with his team, “being all in” was Publix vice president of IS architecture and security Steve Wellslager’s mantra for his efforts ...


Diversity: the art of thinking independently together. An interview with Deb Dixson.

June 6, 2018  Jennifer McGoldrick-Stenberg, Director, Membership & Operations, RH-ISAC

By: Jennifer McGoldrick-Stenberg, Director, Membership & Operations, RH-ISAC As Malcolm Forbes once said, “diversity [is] the art of thinking independently together.” This powerful message is paralleled in the thoughtful responses I received during my conversation with Deb Dixson. As you may ...


RH-ISAC Intelligence Workshop Series Kicks Off in Ohio

May 23, 2018  Jennifer McGoldrick-Stenberg, Director, Membership & Operations, RH-ISAC

One could argue that Ohio is a hot bed for retail and many of Ohio’s best joined RH-ISAC staff last week to kick off its Intelligence Workshop series at a member company headquarters in Columbus. With more than 30 in attendance, the day was packed with informative and educational content stemming ...


RH-ISAC Reflects on 2018 RSA Events

April 24, 2018  Alexandra Brown

Last week, some of the RH-ISAC staff attended RSA in San Francisco, California. We participated in several great talks, sessions and of course, ample networking time with our cybersecurity peers both in and out of the Retail industry. Here’s a rundown of our 2018 RSA experience:   Staring o...


Better to be a Warrior in a Garden: A Conversation with Scotts Miracle Gro's Grant Sewell

March 12, 2018  Jennifer McGoldrick-Stenberg

Introducing the Practitioner Mindset Series – Interview with a Cybersecurity Professional: The RH-ISAC is on a mission to bring you useful content, fresh perspectives, and modern-day cybersecurity wisdom. Join Jennifer McGoldrick-Stenberg, membership and operations director, in this series of dee...


Shape Security Spotlight: Key Takeaways - Retail Threat Briefing Webinar with RH-ISAC

February 28, 2018  Shape Security

In the era of Amazon and mainstream e-commerce, every online retailer has to deliver a compelling user experience across their web and mobile channels while protecting customers from cyberattacks and fraud. Recently, Shape collaborated with RH-ISAC to share attack data and analysis of the most preva...


Retail Cyber Intelligence Sharing Center (RH-ISAC) Forms Gaming and Hospitality Cybersecurity Alliance (GHCA), a Dedicated Information and Intelligence Sharing Alliance within the RH-ISAC

February 13, 2018  Allie Brandenburger

Washington, DC - Today, Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC) announced the formation of the Gaming and Hospitality Cybersecurity Alliance (GHCA), a dedicated information and intelligence sharing group within the RH-ISAC. MGM Resorts International will co-chair the...


The RH-ISAC Announces Cyber Thursdays

February 7, 2018  Allie Brandenburger

Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC) announces Cyber Thursdays, an educational webinar series they will lead in 2018. Beginning in February, the RH-ISAC will host one Cyber Thursday webinar series one Thursday each month. In collaboration with its members, the org...


The RH-ISAC Announces Cyber Thursdays

February 7, 2018  Allie Brandenburger

Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC) announces Cyber Thursdays, an educational webinar series they will lead in 2018. Beginning in February, the RH-ISAC will host one Cyber Thursday webinar series one Thursday each month. In collaboration with its members, the org...


Announcing the RH-ISAC Newsletter

February 5, 2018  Corey Nihlean

Do you want timely industry news and an insider view of the RH-ISAC delivered directly into your inbox? Look no further! With the start of 2018, we’re introducing an easy-to-subscribe weekly newsletter. Stay on top of relevant news with content curated directly to you! We have partnered with No...


RH-ISAC Associate Member Spotlight: Visa Threat Intelligence: Top 5 Retail Payment Threats

January 26, 2018  Alexandra Brown

Over the course of 2017, Visa Threat Intelligence (VTI) observed many global breach trends that had the potential to impact the RH-ISAC community. There are a myriad of point of sale threats facing the retail landscape. Through Visa research and partnership within the industry, Visa Threat Intellige...


Announcing The RH-ISAC Weekly Threat Brief

January 26, 2018  Alexandra Brown

Do you want timely industry news and an insider view of the RH-ISAC delivered directly into your inbox? Look no further! With the start of 2018, we’re introducing an easy-to-subscribe weekly news brief. Stay on top of relevant news with content curated directly to you!...


Spotlight on RH-ISAC Member: SpyCloud: How the Grinch Stole Your Customer’s Account

November 28, 2017  Alexandra Brown

Spycloud: How the Grinch Stole Your Customer’s Account It’s mid- November and the hectic holiday season is top of mind for many organizations.  There are only a few more days before the threat level increases.  As early deal-hunters start to strategize ahead of Black Friday and Cyber Monda...


Featured Guest RH-ISAC Blog Post: Akamai: 5 Things You Should Be Doing to Protect Your Website This Cyber Monday

November 22, 2017  Brooke Noble

5 Things You Should Be Doing to Protect Your Website This Cyber Monday By: Dave Lewis, Global Security Advocate, Akamai Every year we return to talk about security steps to better protect the individual shoppers. We discuss the myriad of confidence scams that crop up during Black Friday and Cyber ...


Spotlight on RH-ISAC Member: Flashpoint: Shoplifting: Defeating Theft Detection and Prevention Technology

November 21, 2017  Brooke Noble

Spotlight on RH-ISAC Member: Flashpoint: Shoplifting: Defeating Theft Detection and Prevention Technology Typically considered one of the most accessible and in many cases least-sophisticated types of crime, shoplifting persists as an undeniably damaging affliction across the retail sector. In f...


RH-ISAC In The News: 6 Steps For Sharing Threat Intelligence

November 13, 2017  Allie Brandenburger

Threat information-sharing first started getting more attention and interest in the cybersecurity industry after the 9/11 terror attacks. So you’d think by now it would be a routine process, especially with the volume of high-profile data breaches in the past few years. But while there has been...


This #CyberAware month, Two RH-ISAC Members Offer Space for USSS/FBI BEC Workshops

October 26, 2017  Suzie Squier

In the true spirit of information sharing and in support of the National Cyber Security Awareness Month, two RH-ISAC members, JOANN Stores and Starbucks, offered their space and, more importantly, valuable staff time in support of the US Secret Service’s (USSS) and Federal Bureau of Investigatio...


Retail Cyber Intelligence Summit Reflection

October 18, 2017  Alexandra Brown

The RH-ISAC team recently wrapped up our second annual Retail Cyber Intelligence Summit. Our whole team spent a handful of days in Chicago to facilitate a wildly successful (I may be biased) conference for the elite retail cybersecurity practitioner community. We’ve compiled our story of these i...


Stepping into Leadership: Q&A with Target CISO Rich Agostino

September 20, 2017  Alexandra Brown

In anticipation of the RH-ISAC’s Retail Cyber Intelligence Summit, our team had the opportunity to ask a few questions to Target’s new CISO, Rich Agostino. We wanted to learn more about his approach to strategic leadership, how he is addressing the threat landscape and advice he has for up-and-...


Worth The Investment

August 30, 2017  Suzie Squier

I’m a bit behind in my reading, so just finished the article, “Don’t Bite the Phish Hook,” from August 23 which references RiskIQ’s 2017 State of Enterprise Digital Defense Report. The article suggests that companies “Invest in three things: people, process and tech.” I ...


Overcoming Legal Barriers to Information Sharing

August 29, 2017  RH-ISAC

The RH-ISAC team is working hard to strengthen support for our members to share openly and actively within our trusted community. We’ve teamed up with Hunton & Williams to gather insights for overcoming legal barriers to information sharing. We understand that companies are challenged to provid...


Letter from Suzie: You Think the Total Eclipse Will Be Cool?

August 24, 2017  Suzie Squier

If you think the total eclipse will be cool, wait until you see the 2017 Retail Cyber Intelligence Summit: Securing Retail 002! And you don’t need special glasses! In addition to the great line up of speakers, like “The Importance of Women in Cybersecurity” panel on Day 1 and Target’s...


The Retail ISAC Announces a Featured Speaker Preview

July 26, 2017  Alexandra Brown

The RH-ISAC is giving you a sneak peek of the 2017 Retail Cyber Intelligence Summit’s featured speakers! Join us October 3-4 in Chicago for Securing Retail: 002, an opportunity for members of the greater retail and consumer services industries – including restaurants, hospitality, convenience st...


RH-ISAC Taps TruSTAR as a new Partner in New Information Sharing Architecture

July 24, 2017  Brooke Noble

Today the RH-ISAC announced the addition of another threat intelligence partner, TruSTAR Technology.   TruSTAR is a valuable addition to the ISAC’s technology suite, built from the ground up the platform will increase our ability to break down barriers to intelligence exchange. The RH-ISA...


A Note from New Executive Director Suzie Squier

July 7, 2017  Suzie Squier

Having been on board at the RH-ISAC for a little over three weeks now, I can tell you a lot of work is being done to continue to break down the barriers that impede information sharing. There are three obstacles that prevent sharing: legal or internal policy constraints, limitations with staff re...


RH-ISAC Highlights from the Retail Collaboratory

May 26, 2017  Alexandra Brown

Earlier this month, the RH-ISAC team was proud to host our first Retail Collaboratory event. We welcomed a crowd of 130+ retail information security pros, industry experts, and strategic sponsor partners for two days of collaboration and member-led discussions. Our team is appreciative of the many i...


Whose Line is it Anyway? One CISO’s Approach to Board Communications

April 4, 2017  RH-ISAC

Recently, the RH-ISAC team sat down with Scott Howitt, SVP & CISO at MGM Resorts International, to learn more about his approach to assessing, prioritizing, and communicating risk to the board of directors. To learn more about additional strategies, join Scott and other retail CISOs in an upcoming w...


Key takeaways from the RH-ISAC’s week at RSA Conference

February 22, 2017  Alexandra Brown

Hi, I’m Alex Brown. As Community Manager at the RH-ISAC, I’m thrilled to begin working with and learning from all of you on how to best facilitate conversations and disseminate information that drives value for you within your organizations and in the retail cybersecurity space. Kicking off what...


The Retail ISAC (RH-ISAC) Presents our Holiday Guidance Series for Retailers

October 27, 2016  Brooke Noble

The Retail ISAC (RH-ISAC) is pleased to invite all eligible retailers to join in our upcoming Holiday Guidance webinar series designed to arm information security professionals from retail, restaurants, hotels, hospitality, and our partner sectors with actionable insight, strategies, and peer discu...


Beyond the Cybersecurity Breach: To the Right of Boom

October 25, 2016  Brian Engle

A series of cybersecurity breaches in the 2013 to 2014 timeframe were the shot heard throughout the industry for many retailers. For some retailers the shot has resulted in a direct hit, while for others it has served as a warning fired across the bow. In all cases, the impact of these events has re...


Accepting the Challenge

May 1, 2016  RH-ISAC

Last week was our inaugural RH-ISAC Summit in Chicago. With just over 200 attendees, we had the most significant retail industry professionals covering the latest and greatest in cybersecurity issues and trends.   Kicking off the two days of deep discussions was a session with the RH-ISAC Boa...


Sharing Threat Intelligence at Both Ends of the Chain

January 18, 2016  RH-ISAC

An SC Magazine e-book came out recently, dubbed “Retail Retaliation,” which gives a good summation of some of the issues facing retailers these days. It’s an oversimplification to say it’s all about that POS, but we certainly know that attackers are going to keep exploiting vulnerabilities...


7 Ways in Which Retail Security is Different

August 19, 2015  RH-ISAC

Hello, and welcome to the Retail CISC blog! We thought we’d start with an inaugural post on how retail security is different from (and often harder than) security for your standard enterprise. Is there such a thing as a standard enterprise? Probably not from the CISO’s point of view, but many ve...


Don’t Forget to Share This One Important Thing.

August 9, 2015  RH-ISAC

Many organizations are nervous about sharing threat intelligence, especially if they think it reveals details about the inner workings of their organizations. But there’s one case where they should hold their collective noses and do it anyway. More sites are basing their controls on threat inte...