NRF announces information-sharing platform for cybersecurity threats

WASHINGTON — The National Retail Federation has announced that it is moving forward with the creation of a program that will provide retailers access to information on cybersecurity threats identified by retailers, government and law enforcement agencies, as well as partners in the financial services sector.
 
The program, developed in consultation with the Financial Services Information Sharing and Analysis Center, will launch with the establishment of an information-sharing platform for retail industry information security specialists, and plans call for a retail ISAC to be established in June.

“We believe a heightened and well-coordinated information-sharing platform, such as a retail ISAC, is a vital component for helping retailers in their fight against cyber attacks,” said NRF president and CEO Matthew Shay. “Establishing a new program takes time, but time is not our friend when it comes to stopping these sophisticated and unpredictable criminals. The willingness of the FS-ISAC to work with retailers provides our industry with a new and important tool as we explore all of the options available for merchants to protect their customers and their businesses.”

Responding to the NRF announcement, Sen. Mark Warner (D-Va.) stated, “Establishing a Retail and Merchant ISAC will allow the industry to better share information that could help prevent the types of widespread consumer data thefts we now are seeing. I am pleased to see FS-ISAC collaborating with retailers to establish a tool for real-time sharing of information and best practices around the serious and growing threat of hacking, cyber and identity theft.”

In early February of this year, Sen.s Warner and Mark Kirk (R-Ill.) called for the establishment of a Retail and Merchant Industry ISAC in a letter to the Federal Trade Commission.

Cy Fenton, SVP information technology at Books-A-Million, said, “As an industry, it is critically important that we continue to work together and identify problems while providing solutions that prevent criminal hacking and the resulting data breaches. The safety and security of our customers unites retailers large and small, and information sharing is one of several important steps we are taking in order to achieve this mission critical goal.”

Fenton is chairman of the IT Security Council, a sub-committee of the NRF CIO Council, composed of CIOs and other technology experts from more than 120 retailers and industry partners. The group has been meeting regularly to discuss existing cybersecurity programs, as well as exploring new opportunities for retailers.

Recently, representatives from NRF held in-depth discussions with the U.S. Secret Service and other law enforcement agencies for insight and guidance on how to improve communication, identify available resources and collaborate more effectively to help retailers combat criminal cyber activity.

NRF also has retained the services of Kim Peretti, a partner in the law offices of Alston and Bird. Peretti is part of the firm’s white collar crime group and co-chairs the security incident management and response team. She also is a former director of PricewaterhouseCoopers’ cyber forensic investigation unit and a former senior litigator for the Department of Justice's computer cime and intellectual property section.

As announced in January, the NRF is working closely with the cybersecurity professionals from the Chertoff Group, providing NRF members with the highest level of insight and guidance in risk management and cybersecurity expertise.

Login or Register to post a comment.