Federal agencies are in the midst of an ambitious project to make it easier to share cybersecurity intelligence with each other, a project that has been stymied by ingrained cultural processes and, somewhat ironically, by security concerns.
In an interview with Enterprise Security Planet, Jaime Blasco, director of AlienVault Labs, spoke of a similar need to improve threat intelligence and data sharing among private companies as well.
"A lot of companies in different industries are being compromised by the same people, using the same techniques, using the same infrastructure," Blasco said. "So data sharing can make the detection process much easier for those companies, because they’ll have the information in advance, even before the attackers try to compromise them."
The benefit of information sharing grows along with the number of participants, Blasco said. "…the bigger the data, the bigger the information about breaches and attackers we have, the better the information is."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The Retail Industry Leaders Association (RILA) trade association is spearheading an initiative in which several of the largest retailers in the United States will share threat intelligence with each other, and with security analysts and agencies such as the U.S. Department of Homeland Security and the U.S. Secret Service.
The initiative, called the Retail Cyber Intelligence Sharing Center (R-CISC), is meant to be "a comprehensive resource for retailers to receive and share threat information, advance leading practices and develop research relevant to fighting cyber crimes," said RILA President Sandy Kennedy in a statement.
More than 50 of the country's largest retailers, including companies like Safeway, Target and J.C. Penney, provided input used to create the center, as did government agencies, law enforcement agencies and security experts.
"The retail industry is already going to great lengths to minimize risk and stay ahead of cyber criminals. The reality is, cyber-criminals work non-stop and are becoming increasingly sophisticated in their methods of attack and by sharing information and leading practices and working together, the industry will be better positioned to combat these criminals," said Ken Athanasiou, global information security director for American Eagle Outfitters.
Sharing Cybersecurity Data, Education and Research
The R-CISC was incorporated as an independent organization. Its incoming board of directors includes senior executives from American Eagle Outfitters, the Gap, J.C. Penney, Nike, Safeway, Target Corporation, VF Corporation (owner of clothing brands including Wrangler, Nautica and Vans, among others) and Walgreens. While the initial participants include some of the country's largest retailers, it is open to companies of all sizes.
The data-sharing part of the R-CISC initiative is called the Retail Information Sharing and Analysis Center (Retail-ISAC). It aims to make it easy for retailers to share anonymized information with each other through a dedicated cyber-analyst and technician at the National Cyber Forensics and Training Alliance. According to RILA, the cyber-analyst and technician "are processing and distilling information about real-time cyber threats, such as new strains of malware, underground criminal forum activity, potential software vulnerabilities, and translating this information into actionable intelligence, in the most usable and timely form for retailers."
RILA also has formed relationships with several government agencies including the Secret Service, the Federal Bureau of Investigation and the Department of Homeland Security, to facilitate sharing data with them.
The initiative includes education and research aspects as well. RILA plans to partner with educational institutions and other organizations to offer retailers access to training in cybersecurity and data privacy best practices, and it also intends to collaborate with academia to provide research on emerging technologies and potential future threats.
RILA hopes the R-CISC will become a resource for not only the retail industry, but for related merchant industries as well.
Ann All is the editor of eSecurity Planet and Enterprise Apps Today. She has covered business and technology for more than a decade, writing about everything from business intelligence to virtualization.