Press

Business Wire: Closing the Retail Cybersecurity Gap Between Breaches and Fraud

LexisNexis Risk Solutions and the Retail Cyber Intelligence Sharing Center (R-CISC) Team to Offer Retailers an End-to-End Solution for Mitigating Cyber Threats

ATLANTA–(BUSINESS WIRE)–While retailers are getting better at combatting cybersecurity threats to customer data, few are prepared to combat the fraud that happens after a hack. A new cooperative effort announced today between LexisNexis Risk Solutions and the Retail Cyber Intelligence Sharing Center (R-CISC) will give retailers new resources for bridging the gap between cyber theft and fraud prevention.

The R-CISC is the retail industry’s cybersecurity consortium for sharing intelligence, alerts and solutions to fight cyber threats. LexisNexis Risk Solutions will join the consortium as a Premier Associate Member, and make available to R-CISC members the many fraud-fighting services available within its LexisNexis® Fraud Defense Network.

In turn, LexisNexis Risk Solutions will leverage the alerts and threat intelligence in R-CISC’s arsenal to enhance its products and services for its retail customers. The R-CISC will also make available its analysts and capabilities to help LexisNexis Risk Solutions assess its own cyber alerts.

The collaboration is one of the first to combine the substantial resources of identity theft and fraud prevention organizations to offer retailers an end-to-end solution for mitigating their cyber risks. We recently sat down with Vikram Dhawan, Sr. Director Product Management of LexisNexis Risk Solutions; Kimberly Sutherland, Senior Director, Fraud Management of LexisNexis Risk Solutions; and Brian Engle, Executive Director of R-CISC, to discuss the ramifications of the announcement.

LexisNexis Risk Solutions: What is the need for retailers that is driving this announcement?

Dhawan: Retailers don’t have broad visibility into identity fraud and lack critical knowledge around how to mitigate it. By working together, we give them a comprehensive set of resources and expertise for fighting cyber risks from the initial theft of identities and personal information to fraud attempts using those stolen identities. This is a first-of-its-kind effort covering the full lifecycle of retail cyber threats.

Sutherland: Fraud is a costly problem for retailers that is only getting worse. Our 2016 LexisNexis True Cost of Fraud report found that every dollar of fraud cost merchants $2.40, up from $2.23 from the previous year. We also discovered that the volume of fraud rose sharply—from a monthly average of 156 to 206 successful fraudulent transactions, and from 177 to 236 prevented fraudulent transactions. Greater visibility into fraud is needed to help retailers reverse this trend.

Engle: Cyber-criminals are persistent and their methods are increasingly sophisticated. No industry, institution or government agency is immune from attack. The retail industry is a target for cyber criminals that seek to steal customer information and payment details in data breaches and point of sale attacks. After a breach occurs, the number of retailers attacked by criminals using the information to commit fraud increases exponentially. In the past, retailers have had limited means to combat the potential fraud from stolen personal information. The LexisNexis Fraud Defense Network complements the R-CISC’s cybersecurity resources by filling in these gaps.

LexisNexis: What roles do the R-CISC and the Fraud Defense Network currently play in the market?

Sutherland: The Fraud Defense Network is an initiative that gives insights into fraudulent or suspicious activity by connecting organizations across different industries with resources, experts and powerful data analytics.

Dhawan: LexisNexis Risk Solutions established the Fraud Defense Network because fraudsters have become more sophisticated and often cross industry boundaries to commit crimes on multiple fronts. The tried and true fraud mitigation methods of the past had become less effective. Members can benefit greatly from a cross-industry view to attack the problem more effectively and proactively.

Engle: The R-CISC is proud to serve as the conduit for collaboration, intelligence sharing and cooperation as the trusted cybersecurity community for retailers worldwide. We do this by building and sustaining valuable programs, partnerships, products and opportunities that enable our members to grow in their trust-based relationships, strategic knowledge and tactical capabilities.

Through the R-CISC, retailers of all sizes share cybersecurity intelligence on incidents, threats, vulnerabilities, and associated threat remediation; as a community, we understand that we are stronger together.

LexisNexis: How can R-CISC member retailers benefit from the LexisNexis Fraud Defense Network? Conversely, how is the Fraud Defense Network enhanced with R-CISC resources?

Dhawan: Managing retail fraud can be challenging. The Fraud Defense Network provides both resources and technology for fraud mitigation. Our retail customers in the R-CISC membership can leverage our comprehensive data and analytics to quickly and confidently recognize good customers and good transactions while stopping bad ones, from their eCommerce sites to brick-and-mortar stores to mobile transactions.

Sutherland: I agree. Because the Fraud Defense Network is a cross-industry initiative, retailers can gain from both the data already gleaned from other industries like financial services, insurance and government, as well as from insights and intelligence for fraud prevention already refined in these industries. For example, retailers can take advantage of data available from financial services when vetting a newly opened customer account.

The value-add that R-CISC brings to the Fraud Defense Network is the early threat alerts. In other words, early awareness. The earlier retailers can be aware of the potential fraud, the more able they will be to stop it at their door.

Engle: Warning signs and indications of criminal activity come in many stages: prior to a data breach as attackers launch campaigns of attacks with phishing and the exploitation of vulnerabilities; during the dropping of malware intended to exfiltrate data; in the underground markets where the information is sold after a breach occurs; and during the fraud activities that monetize the theft of the data. Using the trust-based exchange of information occurring within the R-CISC membership, combined with the detection and threat intelligence that identifies the criminal underground activity along with the fraud alerts that the Fraud Defense Network can provide, R-CISC member retailers can be highly disruptive to criminals making it much more difficult for them to be successful.

LexisNexis: Will there be any new resources or services created through this collaboration?

Dhawan: Threats and alerts from the R-CISC will be integrated into the products and services offered through the Fraud Defense Network. LexisNexis will also offer its products and services to R-CISC members. We are also working to develop new services integrating our respective expertise.

Engle: Adding fraud-related detection information and mitigation techniques to the arsenal of cybersecurity tools available to R-CISC members will initially be very valuable to retailers. Our strengths of collaboration through bringing together formidable experts within the cybersecurity and fraud related fields will help to develop more in the future as we combine forces. We look forward to the potential of new services and resources that will come as the result of our teams working together.

LexisNexis: How does this collaborative effort specifically create an end-to-end solution for retailers? What are all the parts of the puzzle?

Engle: Cybersecurity efforts have largely been focused on everything leading up to a breach event. Strategies have included shoring up the payment transaction with end-to-end encryption, bolstering extensive layers of protection and defensive measures, and developing improved detection and monitoring capabilities to thwart cybersecurity breaches of payment card and customer information. The R-CISC serves this part of the threat cycle with threat intelligence and cybersecurity information sharing throughout our members to get ahead of any breaches. The resulting fraud that occurs after the breach of payment card information and customer account credentials necessitates the convergence of cybersecurity strategies with fraud detection and mitigation, and the R-CISC/LexisNexis collaboration pulls both ends of the cybercrime spectrum together to enable retailers to more quickly detect and defend against costly fraud activities.

Dhawan: That’s where the Fraud Defense Network kicks in. It brings to retailers the fraud fighting capabilities and intelligence derived from sharing across different industries – like finance, retail, telecommunications, insurance, government, law enforcement and health care – because fraudsters don’t always have a particular bias for a given industry. They tend to ‘follow the money,’ deliberately exploiting gaps in systems to perpetrate fraud and hide their tracks.

Sutherland: In addition, the Fraud Defense Network builds on the R-CISC’s great work to give retailers a dedicated platform to share best practices and contribute to the body of knowledge of fraud. They gain access to our data, analytics and linking technology. They also can tap into our ongoing stream of research and other information on fraud prevention. And they can help contribute to a larger cross-industry fraud mitigation effort by sharing information through our contributory database.

To read the full article, please visit: http://www.businesswire.com/news/home/20170207006188/en/Closing-Retail-Cybersecurity-Gap-Breaches-Fraud

The Retail Cyber Intelligence Sharing Center (R-CISC) is the trusted cybersecurity community for retailers, consumer services retailers, and cyber security industry partners worldwide. Created in 2014 in response to the increased number and sophistication of attacks against our industries, the R-CISC supports traditional retailers, online commerce, wholesalers, restaurants and the food service industry, entertainment, lodging, professional sports leagues and organizations providing other consumer services.

To contact the R-CISC, please email pr@r-cisc.org

Podcast: Fighting Organized Cybercrime

In this episode, Brian Engle of R-CISC calls for international threat information sharing on the Bank Info Security podcast.

Cyberattacks waged by organized crime groups are simultaneously targeting a wider array of industries worldwide, which is why cross-industry threat information sharing is more critical than ever, says Brian Engle, executive director of the Retail Cyber Intelligence Sharing Center.

While attacks targeting the financial services sector and other business sectors may go after different information, the tools and methods of attack used are basically the same, he says. “We are seeing a lot of the same types of threats across healthcare, aviation and, to a degree, even the automotive industry,” Engle says during this interview at Information Security Media Group’s recent Fraud & Breach Prevention Summit in London.

“We’re definitely seeing an organized element of criminal behavior that is able to leverage common infrastructure and tools and toolsets,” Engle explains. “The number of organizations that can be attacked concurrently, and somewhat arbitrarily by industry type, is increasing. … But information, in general, is being exfiltrated from organizations, whether it’s healthcare, retail or financial services – and that’s happening with … a capability that is really staggering.”

International Collaboration

As head of the information sharing and analysis center for retail organizations, Engle says he’s pushing for more cross-industry collaboration and threat-intelligence sharing that spans international borders.

“The threats that we’re seeing are definitely not divided by boundaries of borders or even oceans,” he says. “We definitely see that the operations of U.S.-based entities are affected by the same threats as those that are operating overseas.”

R-CISC has been working with the financial-services sector for the last two years to enhance and automate cross-industry information sharing. Now Engle says it’s time to expand that sharing into other sectors, which he hopes, in time, will be facilitated more through governments.

During this interview (see audio link below photo), Engle also discusses:

  • How he sees cross-industry information sharing evolving over the next year;
  • Why information sharing within the retail space is still in its infancy; and
  • How information sharing and analysis centers in all industries are working to filter and funnel data in more meaningful ways.

In his role as executive director, Engle supports the R-CISC’s mission of sharing cybersecurity information and intelligence. He also leads the Retail and Commercial Services Information Sharing and Analysis Center. Engle serves as an advisory partner on the leadership team of the ISAO Standards Organization. He previously served as CISO and cybersecurity coordinator for the state of Texas, CISO at the Texas Health and Human Services Commission, CISO at Temple-Inland and as manager of information security assurance at Guaranty Bank.

The R-CISC Hosts its first Wargaming Exercise

Boston, MA – July 14, 2016 – The Retail Cyber Intelligence Sharing Center (R-CISC), the cybersecurity resource for the retail industry, today hosted a Wargaming Exercise in collaboration with Synchrony Financial, an R-CISC associate member, and Deloitte at the TJX Companies Headquarters.

The R-CISC brought together over 40 participants and observers from the retail and consumer service industries for a Cybersecurity Wargame exercise. The exercise built on the R-CISC’s experience at the DHS-sponsored Cyber Storm V National exercise that occurred in March of this year. The R-CISC Wargame exercise focused on retailer-specific preparation for and response to a cyber-attack scenario to demonstrate how organizations respond, communicate and share information during crisis situations.

“The scenario was challenging and demonstrated the need for collaborative efforts to obtain critical information necessary for decisions during a cyber-attack,” said Brian Engle, R-CISC Executive Director. “It was incredible to see the collaboration between the participants, and how the information sharing that the R-CISC enables helped provide critical details needed for the participants; truly signals that the advancements that the industry is making are helping prepare for potential cyber-attacks.”

The Retail Cyber Intelligence Sharing Center (R-CISC) is the trusted cybersecurity resource for retailers, consumer services retailers, and cyber security industry partners worldwide. Created in 2014 in response to the increased number and sophistication of attacks against our industries, the R-CISC supports traditional retailers, online commerce, wholesalers, restaurants and the food service industry, entertainment, lodging, professional sports leagues and organizations providing other consumer services.

For more information, please contact pr@r-cisc.org.

The R-CISC hosts an Analysts’ Hunting Expedition Event at TJX Companies Headquarters

Boston, MA – July 13, 2016 – The Retail Cyber Intelligence Sharing Center (R-CISC), the cybersecurity resource for the retail industry, today hosted an Analysts’ Hunting Expedition at TJX Companies Headquarters. The event, held in partnership with Anomali, an associate member of the R-CISC, brought together leading retail security leaders and analysts to engage, share and learn while continuing to build relationships and trust within the R-CISC membership community.

R-CISC Executive Director, Brian Engle, commented that “Our members are sharing intelligence on a daily basis and the Hunting Expedition and other R-CISC events add an additional layer to the trust component we work hard to enable. In-person discussions such as the hunting expedition enrich the dialogue among retailers and advance the collective capabilities of our members as a whole.”

The Hunting Expedition brought together over 30 cybersecurity experts from leading retail brands to collaborate on sector-specific threats and the effective tactics they are using to defend against them.


For more information, please contact pr@r-cisc.org.

R-CISC Provides Insights to Retail Facility Managers

WASHINGTON, DC – 26 MAY, 2016 – Retail Store Maintenance, the official publication of the Professional Retail Store Maintenance Association, features new risks to retail facilities in its May/June 2016 publication. The number one risk identified for retailers is the threat of cyber-attack, with the Retail Cyber Intelligence Sharing Center (R-CISC) providing insights into cybersecurity risks as they relate to retail facilities.

R-CISC Executive Director Brian Engle explains how retail building and facility management systems can create cybersecurity vulnerabilities. “These systems themselves are not, in isolation, dangerous; it’s their interconnected nature that makes them very, very vulnerable at times.”

“Companies are extending access to remote personnel through what is a legitimate back door. But sometimes those legitimate back doors become the back doors for the bad guys when not properly secured. Too often, the expectation is that security for remote access is taken care of elsewhere, by someone else, when it is not. Ensuring that the proper level of authentication, isolation of systems, and monitoring is required.”

To reduce risk of security breaches in current or new systems, facility managers should:

  • Consult with IT
  • Choose a supplier that emphasizes security
  • Improve system passwords
  • Monitor systems activity continually
  • Limit access
  • Insist on good cybersecurity practices

Wendy Nather, R-CISC Research Director, further emphasizes the importance of fighting for your security program. “If you are talking to suppliers or people within your organization about security and somebody is trying to convince you that you’re asking too much, don’t believe them. As a CISO, I used to get told by suppliers all the time that I was the only one asking for this level of security. It’s ok to push back, and in fact, that’s part of your job to push back. We can’t make a change across the industry unless everybody is pushing together,” Nather says.

To read the full article, please visit http://www.nxtbook.com/naylor/PRSS/PRSS0316/index.php#/12

Created by retailers in response to the increased number and sophistication of attacks against the industry, the R-CISC is the cybersecurity resource for industry information sharing, and provides another tool in retailers’ arsenal against cyber criminals by sharing leading practices and threat intelligence in safe and secure ways.

To contact the R-CISC, please email pr@r-cisc.org
