R-CISC BLOG

Collaboration in the Twin Cities – Recap of Minneapolis’ Regional Intelligence Workshop

The commitment to increasing retailer’s cyber security posture via collaboration, partnership and sharing threat intelligence was evident at the R-CISC Regional Intelligence Workshop, hosted at member company Target’s headquarters June 7. Rich Agostino, Target’s CISO, kicked things off with a powerful opening statement indicating, “Cybersecurity is critical to the success of the entire organization. Collaboration and sharing among cyber threat intelligence analysts across retail is key to bolstering the collective cybersecurity defense capabilities for our industry,” and Target is, “proud to host the R-CISC’s intelligence workshop, because regardless of resources, we all have something important to share.”

This sentiment was exemplified in the well-crafted and thoughtful content that Target Team Members presented throughout the day. There was lively conversation among the 40 cybersecurity practitioners in attendance, and an emphasis on openness of sharing and teamwork to better the community at large.

Content during the workshop included a retail threat briefing focusing on point-of-sale (PoS), phishing and account takeover (ATO), a discussion on cyber maturity models and building out a threat intelligence program, operationalizing threat intelligence and how to demystify a campaign by breaking down the dataset. Use case examples included threat driven detection and tracking infrastructure, threat actor group campaign attributes, and ATO attack methods and tracking methodology. We learned that for organizations attempting to build a CTI program with minimal resources, establishing operational capabilities before producing intelligence is crucial and that the key to proactive detection is behavior – when teams key in on actor behavior they can get ahead of the attacks. Overall, one of the biggest takeaways from the day is that regardless of resources, size, or current capabilities, each and every company brings something important to the table to share, and that this community is dedicated to working together to advance capabilities across the board.

Thank you to the entire Target team for hosting, and to our sponsoring partner Symantec for the workshops. For those located in the Dallas area, we have the last regional workshop for this year coming up on June 28 at R-CISC member company Sally Beauty’s headquarters. Don’t miss an opportunity to meet up with retail cybersecurity peers and learn how to Action on Threat Intelligence. RSVP Here