Why Red? Why Purple? A NIST CSF View

Red and Purple Teaming serve distinct purposes, and we think NIST CSF backs us up on that. We outline why we believe in starting with Purple Teams to validate Protect and Detect before using Red Teams to validate Respond. I’ve heard the question, “Do Purple Teams help to test the incident response process?” over and…

Read More

Third-Party Risks Abound in the Digital World

RH-ISAC’s VP of Intelligence, Carlos Kizzee is featured in an article on Hospitality Tech. The below is an excerpt from the article. For the full post, visit: https://hospitalitytech.com/third-party-risks-abound-digital-world Today’s retail and hospitality world is increasingly interconnected, and customers expect to shop in the digital marketplace with minimal friction. Third-party systems are a critical component of…

Read More

Starbucks CISO Dave Estlick to Keynote at 2019 Retail Cyber Intelligence Summit

In his keynote session, “Creating Operational Efficiencies Through Orchestration and Automation,” at our upcoming Retail Cyber Intelligence Summit, Dave Estlick, CISO of Starbucks discusses how the talent gap is and remains a consistent pain point for organizations of any size. We’re all aware of the huge shortage of talent and, hence, the competition for the qualified…

Read More

The Threat of Online Skimming to Payment Security

Below we cover basic questions with PCI SSC Chief Technology Officer Troy Leach about a newly released bulletin by the PCI SSC and RH-ISAC on the topic of digital skimming and how to detect and prevent this dangerous threat. For more information about best practices for detection and prevention, review the full bulletin here. Q. …

Read More

Two-Birds, One Stone: Invest in Both Cybersecurity Operations and Employee Growth

The growing threat landscape has amplified a need for talent and tools to better understand, interoperate, and thwart cyber threats. Through the RH-ISAC’s trusted partnerships with Associate members, retail and hospitality cybersecurity practitioners are able to gain knowledge and build skills in myriad manner. One such partnership is with Root9B (R9B), a company that ‘understands…

Read More