Retail & Commercial Services ISAC

We are stronger through collaboration.

The Retail Information Sharing & Analysis Center (ISAC) component of the R-CISC functions as a forum for retailers to share threat information and leading practices with each other to enhance the security of the retail industry’s networks and protect consumer data. Benefits of our Retail Information Sharing & Analysis Center platform include:

Information sharing

  • Interactive threat/ vulnerability database
  • Machine-readable threat indicator data feed
  • Threat bulletins and advisories

Threat Analysis

  • Regular threat reports
  • Regular analyst calls
  • Emerging issue analysis calls


  • Secure portal discussion tool
  • Listserv conversation capability
  • In person round table events

Member support

  • Industry subject matter expertise
  • Facilitated Information gathering
  • Member-focused content

What information do we share?

Sharing threat intelligence with peers helps improve security posture and situational awareness. Our ISAC portal shares information that includes, but is not limited to:


Details associated with the “who, what, where” of a particular threat (the targeted sector, the type/nature of data exfiltrated)

Threat Actor

Data helpful to the identification of bad actors in order to aid in better detection and prevention of future threat activity

Course of Action

Information describing processes and practices for detection, prevention, mitigation, or remediation of threat activity


Data suggesting motive of the threat actor or type of attack in order to aid in better detection and prevention of future threats


Tactics, techniques, or procedures that are standard incident response practices during the course of an attack and infiltration.


A description of threat/ attack activity observed including all known resources used to conduct the threat

Target Exploit

Data identifying the actions the threat may take against a victim’s system/network, and potential weaknesses to be exploited


Specific attributes defining known or suspected threat activity which enumerates why the observable pattern is of interest