RH-ISAC Highlights from the Retail Collaboratory
Author: Alexandra Brown
Earlier this month, the RH-ISAC team was proud to host our first Retail Collaboratory event. We welcomed a crowd of 130+ retail information security pros, industry experts, and strategic sponsor partners for two days of collaboration and member-led discussions. Our team is appreciative of the many individuals who helped build this inspiring event: the speakers and workshop facilitators who brought us valuable learning, and our sponsoring partners for their support. Our participants brought the Retail Collaboratory alive with their genuine desire to share knowledge, build bridges, and offer support to help us move the needle for retailers.
As a close-out to the event, the RH-ISAC team brings you our top takeaways from the two days in Frisco, Texas. In no particular order:
- Turning Ideas into Actions: For those of you in the room when Jamie Wallace led a discussion around the ‘lightbulb’ moments from the conference, I’m sure you’ll agree that the power of active and vulnerable engagement is vast. Each audience member was asked to share their key takeaway from the event. Going around the room we heard things like: ROI of sharing technologies, TIPs, defining process around sharing, handling threats, etc. What stood out among the comments was the similarities and differences in takeaways. Much of what attendees detailed wasn’t tied to a particular agenda item; it consisted of actionable suggestions heard from facilitators, speakers, and attendees alike. We hope that the ideas and potential shared will turn into a reality.
- Building a Benchmarking Framework: The CISO leaders launched a member-driven working group around strategic benchmarking. This group of leaders walked through the ‘what’ of CISO benchmarking data and ‘why’ it is necessary, and took the first steps toward solidifying a framework fit for our enterprise. The group will drive outcomes to support the need for retail-industry-focused data. This session marked the beginning of a dedicated initiative for members to come together in small groups and work on benchmarking to align security investments with business investments, measure incident response and risk tolerance, frame out team structure, and chart progress as a security organization.
- Learning from One Another: The RH-ISAC analysts participated in several discussions intended to propel trust and engagement around relevant matters for fellow analysts. They saw organizations with less mature capabilities discussing their needs directly with those further down the path. Analysts expressed the need for comprehensive threat intelligence – Who, What, When, Where, Why and How (5Ws+H) – and best practices on using this information for defense, predicting threat activity, and defining the scope of responsiveness resources required. Interactive sessions and dialogue helped members to understand the value of building threat intelligence programs, and just what those programs look like. These conversations seeded ideas that will continue to be explored at the annual RH-ISAC Retail Cyber Intelligence Summit.
- ATO and Fraud Activities Dominated Conversation: Fraud activity was discussed in nearly 50% of the conference sessions. It’s a complex problem, magnified by its impact on cyber and fraud areas, numerous actors and campaigns, and the variety of Tactics, Techniques, & Procedures (TTPs) employed by criminal actors. The Retail Collaboratory served as a launchpad for a Fraud Working Group, led by Matthew Harless at Synchrony Financial Bank. Matt and fellow RH-ISAC members and retailers framed the initial constructs for the working group at the event. Initial objectives include collective work to enable information flow for gift-card-fraud-related activity, establishing guidelines for determining normal vs. abnormal behavior, and building awareness of “red flags” to reduce the impact of fraud crime.
- Furry Friends: Lastly, how can we not mention Bronte the dog? A surprising, and perhaps slightly operationally stressful, addition to the event, she was relaxed and happy to be around the masses during networking times and, of course, food breaks. She brought joy to many – our members are clearly dog people!
Did we mention your top moment? What’d we miss? What would you like to see at the RH-ISAC Retail Cyber Intelligence Summit in October? E-mail us your comments at events@RH-ISAC.org; we’re always interested in member feedback and suggestions.