Protect As One

The Retail Cyber Intelligence Sharing Center (R-CISC)

The R-CISC is the trusted cybersecurity community for retailers, gaming properties, consumer product manufacturers, grocers, hotels, restaurants, and cybersecurity industry partners worldwide.

The R-CISC team is dedicated to building and sustaining valuable programs, partnerships, products and opportunities that enable members to grow their trust-based relationships, strategic knowledge and tactical capabilities.

Through the Retail ISAC, housed within the R-CISC, members of all sizes have the ability to share cyber intelligence on incidents, threats, vulnerabilities, and associated threat remediation because, as a community, we understand that we are stronger together.

Our Members

Members represent retail and customer-facing companies throughout the retail ecosystem including traditional retail, consumer products, hotels, gaming, consumer financial services, gift cards, restaurants, and industry providers.



Colin Anderson


VP, IT & Global CISO

Scott Howitt

Vice Chairman


Dave Spooner



Grant Sewell


Mgr., Global Info. Security

Ken Athanasiou



Jim Cameli


VP & Global CISO

Dave Estlick



Lauren Dana Rosenblatt


Deputy CISO

Warren Steytler


CISO & VP, IT Engineering & Operations

Suzie Squier


Member Testimonials

Member Benefits

R-CISC Member benefits and service offerings are tailored to drive value for cybersecurity professionals by optimizing efficiencies through automated intelligence sharing, delivering simple and secure access to the R-CISC community, curating practical, meaningful and actionable content, and enabling peer-to-peer collaboration and best practice sharing.

Gain access to a private network of industry peers and providers exchanging intelligence and insight within the R-CISC community. These trusted communications take place via the R-CISC Collaboration Portal, analyst-to-analyst exchanges, and participation in virtual community discussions.

The Retail ISAC facilitates security intelligence sharing, analysis, and understanding through both human and machine-to-machine data exchange. Campaigns, indicators and requests for information are shared across similar verticals to increase context around individual threats, industry-wide threat landscape trends, tools and techniques. Retail ISAC analysts provide additional enrichment, intelligence, and insights around information that is shared.

The R-CISC offers members a unique opportunity to establish trust-based, peer-to-peer relationships through participation in collaborative in-person and virtual events and streamlined discussion within the Collaboration Portal. R-CISC content and events are built from direct member feedback, resulting in carefully crafted sessions that facilitate peer knowledge exchange, deliver leading practices and ensure practical outcomes and lasting connections.

Retail members benefit from timely intelligence reports, products, and insights including contributions from our Associate Members:

Organizations who engage with retailers as product or service providers may request an application to participate in the R-CISC community as Associate members. Associate members are industry-leading providers committed to adding value within the R-CISC community and the activities it supports, understanding industry challenges, and supporting member companies. To drive the strongest possible exchange of value between Associate and Core members, Associate member applications will be carefully considered based on the organization’s ability and commitment to contribute to the R-CISC’s mission of advancing the collective capabilities of cyber security professionals in retail and customer-facing companies in the retail ecosystem.

Learn More About Membership

Our Associate Members


Accenture Security helps organizations build resilience from the inside out, so they can confidently focus on innovation and growth. Leveraging its global network of cybersecurity labs, deep industry understanding across client value chains and services that span the security lifecycle, Accenture protects organization’s valuable assets, end-to-end. With services that include strategy and risk management, cyber defense, digital identity, application security and managed security, Accenture enables businesses around the world to defend against known sophisticated threats, and the unknown. Follow us @AccentureSecure on Twitter or visit the Accenture Security blog.


Anomali provides access to their Anomali Threat Stream portal site for R-CISC intel sharing. R-CISC members can create their user accounts and join trusted circles for intel sharing. Threat Stream account holders can then view incidents, add incidents, add campaigns, sign-up for phishing email ingest, and import indicators.


CyberInt’s Managed Detection and Response offering services are based on ArgosTM - CyberInt’s proven real time digital risk protection platform - consulting and managed services as well as a strong cyber-expert multi lingual analyst team. Serving customers spanning globally and include cyber-secured customers from retail, finance, e-commerce, and gaming industries. Security challenges differ between industries and CyberInt facilitates companies in taking a proactive outside - in approach to cybersecurity. CyberInt’s nuanced understanding of different industries vis-a-vis the rapid growth of attack vectors and sophistication reflects expertise in working with companies of any size and nature to provide continuous monitoring, detection and immediate responses to threats and vulnerabilities. To address real-time threats, and reduce fraud rate, and protect brands, CyberInt utilizes early prevention of brand abuse to avoid crises or downtime, with powerful intelligence-led forensic tools to investigate and respond and contain to never-before-seen attacks in real time before they materialize.


As better-connected consultants, we help our clients navigate the Transformative Age. We do this by connecting the talents, creativity and experience of our entire organization and alliances. This enables us to ask the better questions and find answers to some of the world’s toughest challenges and build a better working world.


Flashpoint delivers Business Risk Intelligence (BRI) to empower organizations worldwide with meaningful intelligence and information that combats threats and adversaries. The company’s sophisticated technology, advanced data collections, and human-powered analysis uniquely enables large enterprises and the public sector to bolster cybersecurity, confront fraud, detect insider threats and build insider threat programs, enhance physical security, improve executive protection, and address vendor risk and supply chain integrity. Flashpoint is backed by Georgian Partners, Greycroft Partners, TechOperators, K2 Intelligence, Jump Capital, Leaders Fund, Bloomberg Beta, and Cisco Investments. For more information, visit or follow us on Twitter at @FlashpointIntel.

GuidePoint Security

GuidePoint Security is an elite team of top certified cybersecurity experts. We help organizations minimize cyber gaps and vulnerabilities, understand the evolving threat landscape and optimize resources designed to create a safer, more secure cybersecurity ecosystem. Learn more at

Intel 471

Intel 471 provides the R-CISC ISAC team with timely and exclusive data on current, real-time threats and pending future threats. This partnership provides the R-CISC with increased visibility and focused insight related to the increased number and sophistication of attacks against retailers, online commerce, restaurants, hotels, consumer product manufacturers and other consumer serving industries.


IntSights is redefining cyber security with the industry’s first and only enterprise threat management platform that transforms tailored threat intelligence into automated security operations. Our groundbreaking data-mining algorithms and unique cyber reconnaissance capabilities continuously monitor an enterprise's external digital profile across the surface, deep and dark web, categorize and analyze millions of threats, and automate the risk remediation lifecycle -- streamlining workflows, maximizing resources and securing business operations. This has made IntSights’ one of the fastest growing cybersecurity companies in the world. IntSights’ has offices in Amsterdam, Boston, Japan, New York, Dallas and Tel Aviv. To learn more, visit:


ReversingLabs provides a hosted and maintained online instance of the A1000 Malware Analysis platform for all R-CISC members to share threat information within their organizations. ReversingLabs offers training for users including quarterly webinars, email updates on product offerings and benefits, in-depth presentations on the A1000 services, and availability for direct user support.


Based in Colorado Springs, CO, R9B (root9B, LLC) is a leading provider of advanced cybersecurity services and training for commercial and government clients. Combining cutting-edge technology, tactics development, specialty tools, and deep mission experience, R9B personnel leverage their extensive backgrounds in the U.S. Intelligence Community to conduct advanced vulnerability analysis, penetration testing, digital forensics, incident response, industrial control system (ICS) security, and active adversary pursuit (HUNT) engagements on networks worldwide. For more information, visit

Shape Security

The world's largest enterprises rely on Shape Security as their primary line of defense against fraud and attacks on their web and mobile applications. Shape customers include three of the Top 5 US banks, five of the Top 10 global airlines, two of the Top 5 US insurers, and two of the Top 5 global hotels. The company has raised $100M+ from Kleiner Perkins, Google Ventures, Eric Schmidt, and other leading investors to build an advanced web, mobile, artificial intelligence, and machine learning platform for global scale application defense. The Shape platform, covered by 50 issued patents and 100+ additional patent applications, was designed to stop the most dangerous application attacks enabled by cybercriminal fraud tools, including credential stuffing (account takeover), product scraping, unauthorized aggregation, and other threats. Shape was named by CNBC as one of the 50 most disruptive companies in the world. Today, the Shape Network defends 1.4 billion user accounts from account takeover and protects $1B of in-store mobile payments worldwide. Shape is headed by industry leaders from Google, Cisco, IBM, Raytheon, Palo Alto Networks, and the Department of Defense.


SpyCloud is a pioneer in breach discovery and account takeover prevention. We strive to help businesses of all sizes mitigate data breaches by proactively alerting when employee or customer assets have been compromised. We accomplish this through our early-warning breach detection service powered by a world-class team of intelligence analysts.

Stroz Friedberg

Stroz Friedberg is a global leader in cybersecurity, forensic investigations, and due diligence. We offer expertise in cyber incident response, security assessment and consulting, forensics, and investigations. Having worked with the largest players in the B2C space, our experts improve top tier retailers’ ability to defend against, respond to, and prevent cyber disruptions. Whether protecting systems and customer information from data breaches, thwarting point of sale attacks or malware, or remediating gaps in a company’s cyber strategy, we seek truth so clients can find resilience.


Symantec Corporation (NASDAQ: SYMC), the world's leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec's Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world's largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats.


ThreatConnect provides access to their platform for R-CISC members. The ThreatConnect platform helps to identify, manage, and block threats faster by consuming consolidated data, importing your own data, combining external open source threat feeds with your data, and allowing you to act on malicious indicators by using platform-provided signatures to detect threats in your environment.


ThreatQuotient delivers an open and extensible threat intelligence platform (TIP) to provide defenders the context, customization and collaboration needed for increased security effectiveness and efficient threat operations and management. ThreatQ accelerates the transformation of threat data into actionable threat intelligence by giving defenders unmatched control through a threat library, an adaptive workbench and an open exchange to ensure that intelligence is accurate, relevant and timely to their business. With ThreatQ, customers can get more out of existing security resources, both people and infrastructure.


TruSTAR is part of the tech infrastructure that powers R-CISC's threat intelligence exchange. TruSTAR’s platform helps companies operationalize the intelligence generated from the R-CISC Community, correlate intel with the users own historical event data, external intelligence feeds, and other sharing groups. This threat intelligence platform gives R-CISC members one central destination to analyze and enrich the most relevant data sources for its users.


Valimail is the trusted leader in fully automated email authentication, with the only comprehensive platform for anti-impersonation, brand protection, and compliance used by corporations and federal agencies such as Uber, Fannie Mae, WeWork, and the U.S. Agency for International Development. Valimail Enforce is the only FedRAMP-authorized email authentication service and, because it uses no personally identifiable information (PII), it is also GDPR compliant. Valimail authenticates billions of messages a month for some of the world's biggest companies, in finance, government, transportation, health care, manufacturing, media, technology, and more. Valimail is based in San Francisco. For more information visit

Visa Threat Intelligence

Indicators of Compromise help organizations determine if they have been the target of a breach and contributes actionable data helping merchants avoid future breaches. When payment fraud occurs, Visa’s Risk and Fraud teams collect and analyze information from the breach and that data is provided through an API to VTI subscribers. Because breaches often occur many months prior to fraud, businesses can significantly reduce risk by detecting breaches early.


Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading global information technology, consulting and business process services company. We harness the power of cognitive computing, hyper-automation, robotics, cloud, analytics and emerging technologies to help our clients adapt to the digital world and make them successful. A company recognized globally for its comprehensive portfolio of services, a strong commitment to sustainability and good corporate citizenship, we have over 170,000 dedicated employees serving clients across six continents. Together, we discover ideas and connect the dots to build a better and a bold new future.

Strength Through Collaboration

The R-CISC is dedicated to building on a strong foundation of sharing by engaging in cooperative partnerships with industry trade associations, government, law enforcement, and cross-sector sharing forums.

The R-CISC is a member of the National Council of ISACs (NCI) and a participant in the Department of Homeland Security (DHS) Cyber Information Sharing and Collaboration Program (CISCP). Through the CISCP, the R-CISC shares threat information with DHS affiliated agencies including the Federal Bureau of Investigations (FBI), United States Secret Service, United States Computer Emergency Readiness Team (US-CERT) and others affiliated with the National Cybersecurity & Communications Integration Center (NCCIC).