previous arrow
next arrow

Protect As One

The Retail Cyber Intelligence Sharing Center (R-CISC)

The R-CISC is the trusted cybersecurity community for retailers, gaming properties, consumer product manufacturers, grocers, hotels, restaurants, and cybersecurity industry partners worldwide.

The R-CISC team is dedicated to building and sustaining valuable programs, partnerships, products and opportunities that enable members to grow their trust-based relationships, strategic knowledge and tactical capabilities.

Through the Retail ISAC, housed within the R-CISC, members of all sizes have the ability to share cyber intelligence on incidents, threats, vulnerabilities, and associated threat remediation because, as a community, we understand that we are stronger together.

Our Members

Members represent retail and customer-facing companies throughout the retail ecosystem including traditional retail, consumer products, hotels, gaming, consumer financial services, gift cards, restaurants, and industry providers.



Jim Cameli


VP & Global CISO

Colin Anderson

Vice Chairman

VP, IT & Global CISO

Scott Howitt



Dave Spooner



Ken Athanasiou



Dave Estlick



Roseann Larson


Former CISO

Rich Noguera



Lauren Dana Rosenblatt


Executive Director, Global Head of Cyber Threat Mgmt.

Grant Sewell


Mgr., Global Info. Security

Warren Steytler


CISO & VP, IT Engineering & Operations

Suzie Squier

Executive Director

Member Testimonials

Member Benefits

R-CISC Member benefits and service offerings are tailored to drive value for cybersecurity professionals by optimizing efficiencies through automated intelligence sharing, delivering simple and secure access to the R-CISC community, curating practical, meaningful and actionable content, and enabling peer-to-peer collaboration and best practice sharing.

Gain access to a private network of industry peers and providers exchanging intelligence and insight within the R-CISC community. These trusted communications take place via the R-CISC Collaboration Portal, analyst-to-analyst exchanges, and participation in virtual community discussions.

The Retail ISAC facilitates security intelligence sharing, analysis, and understanding through both human and machine-to-machine data exchange. Campaigns, indicators and requests for information are shared across similar verticals to increase context around individual threats, industry-wide threat landscape trends, tools and techniques. Retail ISAC analysts provide additional enrichment, intelligence, and insights around information that is shared.

The R-CISC offers members a unique opportunity to establish trust-based, peer-to-peer relationships through participation in collaborative in-person and virtual events and streamlined discussion within the Collaboration Portal. R-CISC content and events are built from direct member feedback, resulting in carefully crafted sessions that facilitate peer knowledge exchange, deliver leading practices and ensure practical outcomes and lasting connections.

Retail members benefit from timely intelligence reports, products, and insights including contributions from our Associate Members:

Organizations who engage with retailers as product or service providers may request an application to participate in the R-CISC community as Associate members. Associate members are industry-leading providers committed to adding value within the R-CISC community and the activities it supports, understanding industry challenges, and supporting member companies. To drive the strongest possible exchange of value between Associate and Core members, Associate member applications will be carefully considered based on the organization’s ability and commitment to contribute to the R-CISC’s mission of advancing the collective capabilities of cyber security professionals in retail and customer-facing companies in the retail ecosystem.

Learn More About Membership

Our Associate Members


Accenture Security helps organizations build resilience from the inside out, so they can confidently focus on innovation and growth. Leveraging its global network of cybersecurity labs, deep industry understanding across client value chains and services that span the security lifecycle, Accenture protects organization’s valuable assets, end-to-end. With services that include strategy and risk management, cyber defense, digital identity, application security and managed security, Accenture enables businesses around the world to defend against known sophisticated threats, and the unknown. Follow us @AccentureSecure on Twitter or visit the Accenture Security blog.


Anomali provides access to their Anomali Threat Stream portal site for R-CISC intel sharing. R-CISC members can create their user accounts and join trusted circles for intel sharing. Threat Stream account holders can then view incidents, add incidents, add campaigns, sign-up for phishing email ingest, and import indicators.


Flashpoint provides direct value to retail members by providing a curated weekly intelligence report designed to deliver timely, accurate and relevant intel that supports decision-making capabilities. Additionally, Flashpoint provides the R-CISC ISAC team with secure access to deep and dark web communities for greater visibility of threats, threat actors, and retail industry impacting activities.

Intel 471

Intel 471 provides the R-CISC ISAC team with timely and exclusive data on current, real-time threats and pending future threats. This partnership provides the R-CISC with increased visibility and focused insight related to the increased number and sophistication of attacks against retailers, online commerce, restaurants, hotels, consumer product manufacturers and other consumer serving industries.


ReversingLabs provides a hosted and maintained online instance of the A1000 Malware Analysis platform for all R-CISC members to share threat information within their organizations. ReversingLabs offers training for users including quarterly webinars, email updates on product offerings and benefits, in-depth presentations on the A1000 services, and availability for direct user support.


SpyCloud is a pioneer in breach discovery and account takeover prevention. We strive to help businesses of all sizes mitigate data breaches by proactively alerting when employee or customer assets have been compromised. We accomplish this through our early-warning breach detection service powered by a world-class team of intelligence analysts.

Stroz Friedberg

Stroz Friedberg is a global leader in cybersecurity, forensic investigations, and due diligence. We offer expertise in cyber incident response, security assessment and consulting, forensics, and investigations. Having worked with the largest players in the B2C space, our experts improve top tier retailers’ ability to defend against, respond to, and prevent cyber disruptions. Whether protecting systems and customer information from data breaches, thwarting point of sale attacks or malware, or remediating gaps in a company’s cyber strategy, we seek truth so clients can find resilience.


Symantec Corporation (NASDAQ: SYMC), the world's leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec's Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world's largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats.


ThreatConnect provides access to their platform for R-CISC members. The ThreatConnect platform helps to identify, manage, and block threats faster by consuming consolidated data, importing your own data, combining external open source threat feeds with your data, and allowing you to act on malicious indicators by using platform-provided signatures to detect threats in your environment.


ThreatQuotient delivers an open and extensible threat intelligence platform (TIP) to provide defenders the context, customization and collaboration needed for increased security effectiveness and efficient threat operations and management. ThreatQ accelerates the transformation of threat data into actionable threat intelligence by giving defenders unmatched control through a threat library, an adaptive workbench and an open exchange to ensure that intelligence is accurate, relevant and timely to their business. With ThreatQ, customers can get more out of existing security resources, both people and infrastructure.


TruSTAR is part of the tech infrastructure that powers R-CISC's threat intelligence exchange. TruSTAR’s platform helps companies operationalize the intelligence generated from the R-CISC Community, correlate intel with the users own historical event data, external intelligence feeds, and other sharing groups. This threat intelligence platform gives R-CISC members one central destination to analyze and enrich the most relevant data sources for its users.

Visa Threat Intelligence

Indicators of Compromise help organizations determine if they have been the target of a breach and contributes actionable data helping merchants avoid future breaches. When payment fraud occurs, Visa’s Risk and Fraud teams collect and analyze information from the breach and that data is provided through an API to VTI subscribers. Because breaches often occur many months prior to fraud, businesses can significantly reduce risk by detecting breaches early.

Strength Through Collaboration

The R-CISC is dedicated to building on a strong foundation of sharing by engaging in cooperative partnerships with industry trade associations, government, law enforcement, and cross-sector sharing forums.

The R-CISC is a member of the National Council of ISACs (NCI) and a participant in the Department of Homeland Security (DHS) Cyber Information Sharing and Collaboration Program (CISCP). Through the CISCP, the R-CISC shares threat information with DHS affiliated agencies including the Federal Bureau of Investigations (FBI), United States Secret Service, United States Computer Emergency Readiness Team (US-CERT) and others affiliated with the National Cybersecurity & Communications Integration Center (NCCIC).