When you discuss enterprise IT security, chances are someone will bring up Target’s breach. It has become synonymous with retail data vulnerability as well as enterprise cloud security in general. These threats go well beyond the walls of Target stores and have been increasing over the years. Before the Target attack last holiday season, for example, Nieman Marcus reported a similar breach which exposed about 1.1 million customer cards. To paint a better picture, consider that there are unreported or undetected attacks that occur along with the exposed ones. Referred to as POS (Point of Sale) system malware- more specifically known as “RAM Scraping”, these attacks are becoming better funded and more sophisticated. The FBI confidentially warned retailers that this type of theft is on the rise regardless of current mitigation efforts from both the private sector and government agencies, as Reuters reported in January 2014. So why has there been such a widespread upswing, and what are retailers actively doing to mitigate this?
The rise in activity signals a new level of confidence in cybercriminals- and it makes sense.
The massive Target breach had such a shocking media impact, that it appeared as an unprecedented event to the public. It is important to understand, however, an escalation of similar attacks has been in effect well before 2014 and this allowed criminals to learn and improve their methods. Cybercrime syndicates behave like regular corporations; they make big money, hire top talent, and employ R&D teams to enhance their product and delivery to win customers. Consider the past few years as a ‘growth phase’ for these groups, some have hit their marks and are now ready to take on big projects like major US retailers.
If you consider the past few large attacks as a trial run for large-scale cybercrime syndicates, they tested the waters and refined their approach. Major US retailers are now at a point where cooperation, sharing, and training are absolutely essential to protect their customers’ data as well as their own longevity. There has been a fundamental problem that burdened both the US government and major US retailers: they are too dispersed in leadership and cooperation on cybersecurity fronts- whereas the other side has been very good at collaborating and helping each other find exploits and develop upgrades.
The Answer: a Retail Cyber Intelligence Sharing Center.
It comes as no surprise to learn of a recently launched alliance of large retailers and brands aimed at combining efforts to mitigate risks and stay ahead of attacks. There are many key players in this new organization from academia to the Secret Service, and the goal is to identify, analyze and mitigate threats in real-time across private industries and government agencies.
Say hello to the Retail Cyber Intelligence Sharing Center, or R-CISC.
The combined knowledge and newfound agility afforded by this new group should greatly improve response and prevention of theft and intrusion. =. Similar calls have been made for government agencies to share threat information in real-time, and the R-CISC could be a model to follow considering it already involves the FBI, Secret Service, and Homeland Security.