[IS&T Security-FYI] SFYI Newsletter, September 21, 2009
Monique Yeaton
myeaton at MIT.EDU
Mon Sep 21 13:41:19 EDT 2009
In this issue:
1. Heartland Responds to Data Breach
2. US Cyber Challenge
3. Event: Community SANS Boston 2009
-------------------------------------------------
1. Heartland Responds to Data Breach
-------------------------------------------------
Heartland Payment Systems acknowledged a data breach earlier this year
(involving Hannaford Bros. and other stores) that exposed millions of
payment card accounts. CEO of Heartland told a US Senate committee
that the payment card industry needs to adopt end-to-end encryption to
protect consumers, financial institutions, and payment processors from
payment card fraud. Heartland is also installing tamper-resistant
point-of-sale terminals at its retailers.
Full story: <http://www.networkworld.com/news/2009/091409-heartland-ceo-credit-card-encryption.html
>
The Smart Card Alliance claims end-to-end encryption is not the answer
to protecting card data, and is instead calling for "contactless chips
with dynamic cryptograms."
Full story: <http://www.darkreading.com/database_security/security/encryption/showArticle.jhtml?articleID=220000501
>
-----------------------------
2. US Cyber Challenge
-----------------------------
The Gov 2.0 Summit that was held in Washington, DC on September 9 and
10 focussed on the rise of the World Wide Web and how it has resulted
in new possibilities and business models shaping our current culture
and economy. With the proliferation of issues and a scarcity of
resources, the government is inviting the private sector to
participate and collaborate on these challenges. One of the challenges
is cyber security.
As you may remember from a previous SFYI Newsletter issue, cyber
security is a top national issue of this administration. Government
agencies are not the only ones facing scarce resources when addressing
cyber security. Military organizations, companies, and educational
institutions also face a critical shortage of cyber security experts
with sufficient hard skills.
One initiative aiming at increasing the pipeline of these super-
talented people is the US Cyber Challenge. A session at Gov 2.0 had a
videotaped interview with the winner of an early round of NetWars, an
online game offered as part of the US Cyber Challenge. The video clip
is illuminating (and funny) and useful for motivating very talented
high school and college students to get engaged in cyber security.
The video (it is about 8.5 minutes long): <http://blip.tv/file/2610813>
The NetWars Competition: <http://www.sans.org/netwars/>
More about the Summit: <http://www.gov2summit.com/gov2009/>
-----------------------------------------------------------------
3. Upcoming Event: Community SANS Boston 2009
-----------------------------------------------------------------
What: SANS Security 501: Advanced Security Essentials - Enterprise
Defender
When: Monday, October 26 - Saturday, November 1 (6 day course)
Where: Courtyard by Marriott, Woburn
How much: $3345. Register by September 30 and save $250.
The core focus of the course is:
Prevention - configuring a system or network correctly
Detection - identifying breaches that occur at the system or network
level
Reaction - responding to an incident and moving to evidence collection/
forensics
More info: <http://www.sans.org/boston09_cs2>
=
=
=
========================================================================
Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB
>
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20090921/c68d8e29/attachment.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1846 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20090921/c68d8e29/attachment.bin
More information about the ist-security-fyi
mailing list