Incident & Breach Response , Information Sharing , Managed Detection & Response (MDR)
Fighting Organized Cybercrime: A New Approach
Brian Engle of R-CISC Calls for International Threat Information SharingCyberattacks waged by organized crime groups are simultaneously targeting a wider array of industries worldwide, which is why cross-industry threat information sharing is more critical than ever, says Brian Engle, executive director of the Retail Cyber Intelligence Sharing Center.
While attacks targeting the financial services sector and other business sectors may go after different information, the tools and methods of attack used are basically the same, he says. "We are seeing a lot of the same types of threats across healthcare, aviation and, to a degree, even the automotive industry," Engle says during this interview at Information Security Media Group's recent Fraud & Breach Prevention Summit in London.
"We're definitely seeing an organized element of criminal behavior that is able to leverage common infrastructure and tools and toolsets," Engle explains. "The number of organizations that can be attacked concurrently, and somewhat arbitrarily by industry type, is increasing. ... But information, in general, is being exfiltrated from organizations, whether it's healthcare, retail or financial services - and that's happening with ... a capability that is really staggering."
International Collaboration
As head of the information sharing and analysis center for retail organizations, Engle says he's pushing for more cross-industry collaboration and threat-intelligence sharing that spans international borders.
"The threats that we're seeing are definitely not divided by boundaries of borders or even oceans," he says. "We definitely see that the operations of U.S.-based entities are affected by the same threats as those that are operating overseas."
R-CISC has been working with the financial-services sector for the last two years to enhance and automate cross-industry information sharing. Now Engle says it's time to expand that sharing into other sectors, which he hopes, in time, will be facilitated more through governments.
During this interview (see audio link below photo), Engle also discusses:
- How he sees cross-industry information sharing evolving over the next year;
- Why information sharing within the retail space is still in its infancy; and
- How information sharing and analysis centers in all industries are working to filter and funnel data in more meaningful ways.
In his role as executive director, Engle supports the R-CISC's mission of sharing cybersecurity information and intelligence. He also leads the Retail and Commercial Services Information Sharing and Analysis Center. Engle serves as an advisory partner on the leadership team of the ISAO Standards Organization. He previously served as CISO and cybersecurity coordinator for the state of Texas, CISO at the Texas Health and Human Services Commission, CISO at Temple-Inland and as manager of information security assurance at Guaranty Bank.