The Retail ISAC Announces a Featured Speaker Preview

The R-CISC is giving you a sneak peek of the 2017 Retail Cyber Intelligence Summit’s featured speakers! Join us October 3-4 in Chicago for Securing Retail: 002, an opportunity for members of the greater retail and consumer services industries – including restaurants, hospitality, convenience stores and more – to share best practices, gain insights, and network with other information security professionals.

Information sharing is based on trust, and the Summit is a forum for retail practitioners to meet, learn, and share with one another. Here’s a look at some of the exceptional speakers in our lineup.

Featured Speakers:

Deborah Dixson, SVP, Global CISO, Best Buy Co.

Roseann Larson, VP, CISO, VF Corporation

Adam Solomon, Associate, Hunton & Williams

Don Yaeger, New York Times Best-Selling Author

Carson Zimmerman, Author, Cybersecurity Engineer






















Member Exclusive

The R-CISC invites its members to attend our annual member meeting on the evening of October 3. This Gala includes cocktails and networking, announcements, dinner, an awards ceremony and more! R-CISC Core/Core+ members and one qualifying representative from R-CISC associate member organizations are welcome to attend. Space is limited. RSVP today by emailing


The 2017 Retail Cyber Intelligence Summit welcomes a diverse network of attendees including information security professionals from the most prominent retail and consumer services organizations in North America. Visit for attendee qualifications, location information, and to RSVP.

Questions? Please feel free to contact Alex Brown at

We hope to see you in Chicago!




Read More
R-CISC Taps TruSTAR as a new Partner in New Information Sharing Architecture

Today the R-CISC announced the addition of another threat intelligence partner, TruSTAR Technology.

TruSTAR is a valuable addition to the ISAC’s technology suite, built from the ground up the platform will increase our ability to break down barriers to intelligence exchange. The R-CISC now supports a more automated method to support ingest of member-shared data, to increase timely automated sharing of intel.

“Adding TruSTAR as a threat intelligence partner brings the R-CISC one step further in our strategic initiative to expand the capabilities of the Retail ISAC’s technology infrastructure. The R-CISC is breaking down barriers to information sharing and increasing the usability of actionable intelligence available for our users, allowing them to more easily ingest, act and mitigate cyber threats,” said Suzie Squier, Executive Director of the R-CISC. 

“TruSTAR gives R-CISC members the control and context they need to turn threat data into actionable intelligence,” said Paul Kurtz, co-founder and CEO of TruSTAR. “The platform we bring to R-CISC is not hypothetical. We power intelligence exchange across the financial services, energy, healthcare, and technology sectors. We are proud to bring our proven technology to the member organizations of R-CISC and facilitate the next generation information sharing among members.”

We will continue to share more information about new capabilities and partnerships as we continue to build our new architecture.

Have questions or want more information? Contact

Read More
A Note from New Executive Director Suzie Squier

Having been on board at the R-CISC for a little over three weeks now, I can tell you a lot of work is being done to continue to break down the barriers that impede information sharing. There are three obstacles that prevent sharing: legal or internal policy constraints, limitations with staff resources and technology.

At the R-CISC, our goal is to eliminate these obstacles and help our members engage freely, proactively and simplistically. To that end, I’d like to share three ways we’re working to break down these barriers: 

  • Technology Roadmap: We’re transitioning to a new, secure and open architecture that will allow increased functionality and the ability to interface with a variety of threat intelligence platforms. This new architecture will also help resource-constrained teams more easily extract and import information with less manual effort. 
  • Legal/Policy Support: Technology is only one aspect of the puzzle. We still need member engagement to make it happen, and we are working to ease the other obstacles as well. The R-CISC is working on providing best practices for legal and internal policies to educate users and, as a result, increase the level of comfort in sharing information.
  • Trust: Trust is crucial in sharing. When the R-CISC journey began back in 2014, we organized frequent meetings where information security executives within the retail industry could get to know one another. Building those relationships was key to moving forward and creating the R-CISC. Those kinds of relationships; knowing the people you’re sharing with vs. seeing names on a screen, continue to be important. That’s why it’s so important that R-CISC members and non-members plan to attend our 2017 Retail Cyber Intelligence Summit, scheduled for this October 3-4 in Chicago!

We’re stronger together.

Suzie Squier
Executive Director

Read More
R-CISC Highlights from the Retail Collaboratory

Earlier this month, the R-CISC team was proud to host our first Retail Collaboratory event. We welcomed a crowd of 130+ retail information security pros, industry experts, and strategic sponsor partners for two days of collaboration and member-led discussions. Our team is appreciative of the many individuals who helped build this inspiring event: the speakers and workshop facilitators who brought us valuable learning, and our sponsoring partners for their support. Our participants brought the Retail Collaboratory alive with their genuine desire to share knowledge, build bridges, and offer support to help us move the needle for retailers.

As a close out to the event, the R-CISC team brings you our top takeaways from the two days in Frisco, Texas. In no particular order:

  • Turning Ideas into Actions: For those of you in the room when Jamie Wallace led a discussion around the ‘lightbulb’ moments from the conference, I’m sure you’ll agree that the power of active and vulnerable engagement is vast. Each audience member was asked to share their key takeaway from the event. Going around the room we heard things like: ROI of sharing technologies, TIPs, defining process around sharing, handling threats, etc. Of the comments, what stood out was the similarity and differences in takeaways. Much of what attendees detailed wasn’t related to a particular agenda item, but it was actionable suggestions heard from facilitators, speakers, and attendees alike. We hope that the ideas and potential shared will turn into a reality.
  • Building a Benchmarking Framework: The CISO leaders launched a member-driven working group around strategic benchmarking. This group of leaders walked through the ‘what’ and the ‘why’ CISO benchmarking data is necessary and took the first steps toward solidifying a framework fit for our enterprise. The group will drive outcomes to support the need for retail industry focused data, with this session marking the beginning of a dedicated initiative for members to come together in small groups and work on benchmarking to align security investments with business investments, measure incident response and risk tolerance, frame out team structure and chart progress as a security organization.
  • Learning from One Another: The R-CISC ISAC analysts participated in several discussions intended to propel trust and engagement around relevant matters for fellow analysts. They saw organizations with less mature capabilities discussing their needs directly with those further down the path. Analysts expressed the need for comprehensive threat intelligence – Who, What, When, Where, Why and How (5W’s+H) – and best practices on using this information for defense, predicting threat activity, and defining the scope of responsiveness resources required. Interactive sessions and dialogue helped members to understand the value of building threat intelligence programs, and just what those programs look like. These conversations seeded ideas that will continue to be explored at the R-CISC Retail Annual Retail Cyber Intelligence Summit.
  • ATO and Fraud Activities Dominated Conversation: Fraud activity was discussed in nearly 50% of the conference sessions. It’s a complex problem, magnified by its impact to cyber and fraud areas, numerous actors and campaigns, and the variety of Tactics, Techniques, & Procedures (TTP’s) employed by criminal actors. The Retail Collaboratory served as a Launchpad for a Fraud Working Group, led by Matthew Harless at Synchrony Financial Bank. Matt and fellow R-CISC members and retailers framed the initial constructs for the working group at the event. Initial objectives include collective work to enable information flow for gift card fraud related activity, establishing guidelines for determining normal vs. abnormal behavior, and building awareness of “red flags” to reduce the impact of fraud crime.
  • Furry Friends: Lastly, how can we not mention Bronte the dog? A surprising, and perhaps a slightly operationally-stressful addition to the event, she was relaxed and happy to be around the masses during networking times and of course, food breaks. She brought joy to many – our members are clearly dog people!

Did we mention your top moment? What’d we miss? What would you like to see at the R-CISC Retail Cyber Intelligence Summit in October? E-mail us your comments at, we’re always interested in member feedback and suggestions.

Read More
Whose Line is it Anyway? One CISO’s Approach to Board Communications

Recently, the R-CISC team sat down with Scott Howitt, SVP & CISO at MGM Resorts International, to learn more about his approach to assessing, prioritizing, and communicating risk to the board of directors. To learn more about additional strategies, join Scott and other retail CISOs in an upcoming workshop discussion of risk tolerance taking place at the R-CISC’s Retail Collaboratory on May 9-10 at the Westin Stonebriar in Frisco, Tx. The Collaboratory’s inaugural agenda can be found at Interested in participating? Contact us at

Welcome to the big time – as a CISO, your time has arrived. Today’s CISO regularly commands the attention of the Board and Audit Committee, and for good reason. Over recent years, industry impacting events have pushed cyber security to the top of board meeting agendas, and CISOs serve as an expert advisor in informing the board on organizational risks. As times and board priorities change, so too must the CISO’s strategy for deftly translating cyber security ‘speak’ into meaningful, board-level communications.

 As CISO for MGM Resorts International, Scott Howitt is accountable for creating, implementing and overseeing a wide series of strategies and programs to limit information security risk across six separate business units. From retail to hotels, gaming, sports arenas, restaurants and entertainment venues, Scott’s purview encapsulates a wide range of risks which he must then assess, prioritize, and communicate to the board. Read on for a sampling of strategies Scott shared with our team, and for information on the opportunity to join him and more retail CISOs for an interactive, deep-dive discussion of these and other strategies.

 Educate yourself, then educate the board.

 Take advantage of the many online resources available on board guidance, including example questions that the board should ask of the CISO. If you’re not sure where to start, the New York Stock Exchange’s Corporate Board Member magazine can give you an idea of which questions board directors might bring to the table during your next meeting.

Recent litigation suits underscore the high price of the wrong answer to whether an organization has implemented ‘reasonable data security measures’. As the CISO, it’s your job to educate the board on your organization’s information security risk profile, which defensive measures are in place, and where resources are needed to enhance security posture. While it is up to each individual organization to implement security-driven defensive measures based on the unique nature of their risks, here are some useful resources to help the conversation:

  • This recently published document from the Federal Trade Commission (FTC) illustrates the top 10 lessons learned from recent law enforcement actions pursued by the FTC
  • The public private partnerships established between government and industries have made significant progress in improving the nation’s cybersecurity posture – your participation as a member of the R-CISC demonstrates your organization’s commitment to proactively strengthening your cybersecurity program’s capabilities
  • The NIST cybersecurity framework offers the model for a scalable approach to managing cybersecurity-related risks
  • The PCI data security standard applies to companies of any size that accept credit card payments

 Channel your inner CFO.

 Understand these terms and why they’re important, because odds are that every other individual in the board room will know them, too.

  • CAGR
  • CapEx/OpEx

Ie: Understand the net impact of status to [EBITDA, CAGR, operations] and provide solid reasoning to support your assertion.

Be proactive – hire an external auditor.

Because why wouldn’t you want to be the one driving this conversation? Bring in an external auditor to provide their opinion on the information you should be presenting to the board. Inevitably, the subject of an independent audit will be broached at some point. By initiating this process proactively, you’re well positioned to address questions and to communicate findings to leadership.

Remember, cybersecurity is an afterthought unless you can demonstrate the direct correlation between your program and business impact. Retailers can learn more about this approach along with additional strategies in Scott’s upcoming workshop discussion of risk tolerance taking place at the R-CISC’s Retail Collaboratory on May 9-10 at the Westin Stonebriar in Frisco, Tx. Interested in participating? Contact us at


Read More