The Green Sheet Online Edition
May 25, 2015 • Issue 15:05:02
Information sharing companies join forces to fight cybercrime
Two nonprofit cyber security information-sharing services recently formed a strategic alliance. The Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Retail Cyber Intelligence Sharing Center (R-CISC) will continue to provide threat information sharing and cyber security intelligence to their respective communities.
The organizations anticipate their collaborative efforts will result in a 360 degree view of the emerging threat landscape from financial institution and merchant perspectives. Combined technological and analytic capabilities are expected to enable the partners to leverage core competencies and enhance existing advisory services to help banks, credit unions and merchants react quickly to the evolving threat environment.
Brian Engle, Executive Director at the R-CISC, said he sees potential benefits in the cross-functional partnership with the FS-ISAC. "Partnering with FS-ISAC is a surefire way to help accelerate new tools and offerings to retailers," he said, noting that the expanded capabilities of the two organizations will enable the R-CISC to enhance its guidance and best practices.
Two organizations, one common goal
The FS-ISAC, established in 1999, is a privately held, member-owned nonprofit focused on disseminating timely, relevant and actionable cyber-security information to financial services stakeholders.
The financial services industry created the FS-ISAC in response to Presidential Directive 63 issued in 1998, which mandated information sharing between the public and private sectors. The directive was later revised to become the 2003 Homeland Security Presidential Directive 7, protecting the critical and potentially vulnerable U.S. infrastructure from physical and cyber-security threats. The FS-ISAC became a global organization in 2013.
The R-CISC, formed in May 2014, is a nonprofit organization launched by the Retail Industry Leaders Association. It is tailored for the retail industry and promotes cyber-security and data privacy best practices. Fifty major retail brands, including American Eagle Outfitters, The Gap Inc., J. C. Penney Co. Inc. and Lowe's Companies Inc. provide operational insights and guidance.
The R-CISC has three dedicated divisions to address different aspects of threat detection and management. Its Information Sharing and Analysis Center promotes sharing between law enforcement and retail members to help identify and react quickly to attacks on existing information technology infrastructure. An Education and Training division works with retailers to train employees on information security and best practices. A Research and Development arm works closely with security analysts and academia to understand emerging trends in the evolving threat landscape.
Expanded analytical, technological capabilities
The strategic alliance with the FS-ISAC is expected to help the R-CISC focus on its core mission and broaden security operation capabilities in several key areas. The FS-ISAC will:
- Provide strategic guidance and support to help R-CISC broaden its information and analytics services to its membership base.
- Work with portal provider NC4 to establish an exclusive portal for R-CISC members to facilitate sector-to-sector sharing between retailers and financial institutions.
Assign dedicated security operations staff to monitor aggregated data and disseminate relevant information and analysis to retailers.
- Support the R-CISC's ongoing efforts to create new information sharing and educational product offerings.
- Employ its Soltra Edge, an automated threat detector created in partnership with The Depository Trust & Clearing Corp., to automate previously manual monitoring activities. The solution uses open standards protocols to route threat information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.