Building the Foundation of Your Cybersecurity Program is a guide that was developed by Accenture with member support from the RH-ISAC Security Operations Working Group. The mission of the RH-ISAC Security Operations Working Group is to foster a collaborative forum to share best practices on how resource-strapped teams can maximize resources—including those provided by the RH-ISAC—to strengthen their defenses and be better able to communicate their position and future needs with internal stakeholders. This report provides ideas on the following themes:

  • People – Skillsets and Knowledge.
  • Process – Putting People to Work.
  • Technology – The Tools of the Trade.
  • Continued cyberattacks against hospitality. 
  • Oversight – Watching the Watchmen.

RH-ISAC Resources

As a member of RH-ISAC, you gain access to a large number of intelligence reports, surveys, and bulletins to assist your team in the fight against cybercrime

Build a Cybersecurity Program

Building the Foundation of Your Cybersecurity Program: Where To Start And How To Grow

Building the Foundation of Your Cybersecurity Program is a guide that was developed by Accenture with member support from the RH-ISAC Security Operations Working Group.
accenture report

RH-ISAC and Accenture Retail & Hospitality 2020 Threat Trend Report

The report shares insights into the state of cyberthreats to the retail and hospitality sectors throughout 2019, and also looks ahead as companies deal with cyber threats during COVID-19.
RH-ISAC Overview

RH-ISAC Overview

Find out more about RH-ISAC member benefits and why RH-ISAC is the trusted cybersecurity community for the retail and hospitality industries in this overview.


Read RH-ISAC frequently asked questions about membership, benefits, and the role of the ISAC.
RH-ISAC Overview – What is the RH-ISAC

What is the RH-ISAC

Learn about the RH-ISAC and why you should become a member today!
RH-ISAC Member-led Groups Image

RH-ISAC Member-led Groups

RH-ISAC member-led groups provide a collaborative environment for members to share expertise, best practices, threat information, and mitigation techniques based on the needs of the industry.
RH-ISAC Education – Cybrary TLPGREEN

RH-ISAC Education Programs

Find out about RH-ISAC educational opportunities members have access to through the Research and Education Department.

2019 Year in Review

The RH-ISAC 2019 Year in Review breaks down the year at RH-ISAC. The report highlights trending topics among members, threat intelligence and information sharing from 2019, membership snapshot, RH-ISAC hosted events, working groups, and more.

2019 RH-ISAC Post-Summit Guide

This report contains information regarding the 2019 RH-ISAC Summit and highlights from the event, including: keynote and speaker summaries, attendee statistics, photos, and more.
2019 Accenture Report_

RH-ISAC and Accenture Retail & Hospitality 2019 Threat Trend Report

The report shares insights into the state of cyberthreats to the retail and hospitality sectors throughout 2018.

RH-ISAC and The Media Trust eCommerce Benchmark Report

RH-ISAC teamed up with The Media Trust to conduct an eCommerce security and efficiency benchmarking and improvement effort. Download the report today.

The Anatomy of Account Takeover

RH-ISAC shares lessons learned about evolving account takeover (ATO) threats. Get a holistic overview of the threat and best practices for detection and response.

CISO Guide to the CCPA

RH-ISAC partnered with its CISO members and industry experts to produce the Retail and Hospitality CISO’s Guide to preparing for the CCPA to improve the understanding of and ability to prepare for CCPA compliance.

PCISSC Magecart Bulletin

The PCI Security Standards Council and the RH-SAC highlight a growing threat to payment security from online card-skimming activity and provide insight on how to defend against them.

2018 Annual Report

The 2018 Annual Report breaks down the year at RH-ISAC, formerly R-CISC. The report highlights trending topics among members, webinars, committees, and the Retail Cyber Intelligence Summit.

2018 Holiday Guidance ATO Quick Wins

Account Take Over (ATO) attacks remain one of the most persistent threats to the RH-ISAC, formerly R-CISC, community. Learn about six quick wins for detection and prevention of ATOs.

MSSP Benchmark Survey

RH-ISAC, formerly R-CISC, partnered with the Retail Industry Leaders Association (RILA) to produce a MSSP benchmarking study to inform decision-making for retail industry outsourcing.

Business Email Compromise Up Close

Find out about the five most common BEC attacks and how to manage them from the Internet Crime Complaint Center (IC3) and RH-ISAC, formerly R-CISC.

Threat Awareness - 2018 Holiday Season

RH-ISAC’s, formerly R-CISC, guide to the 2018 holiday season with highlights on threat actors, scams, malware campaigns and how to resolve them.

Best Practices for Mitigating Coupon Fraud

A comprehensive guide highlighting best practices for mitigating coupon glittering/glitching, a term used when a criminal exploits business process flaws, hacks, or coupon barcoding to commit fraud.

Internal Collaboration Use-Case

A member of RH-ISAC, formerly R-CISC, shares what happened when their information security team partnered with fraud investigations. Find out tips to increasing gift card fraud mitigation.


Gain access to a wide array of cyber intelligence reports and resources, available exclusively to RH-ISAC members.