[IS&T Security-FYI] SFYI Newsletter, September 21, 2009

Monique Yeaton myeaton at MIT.EDU
Mon Sep 21 13:41:19 EDT 2009 

In this issue:

1. Heartland Responds to Data Breach
2. US Cyber Challenge
3. Event: Community SANS Boston 2009


-------------------------------------------------
1. Heartland Responds to Data Breach
-------------------------------------------------

Heartland Payment Systems acknowledged a data breach earlier this year  
(involving Hannaford Bros. and other stores) that exposed millions of  
payment card accounts. CEO of Heartland told a US Senate committee  
that the payment card industry needs to adopt end-to-end encryption to  
protect consumers, financial institutions, and payment processors from  
payment card fraud. Heartland is also installing tamper-resistant  
point-of-sale terminals at its retailers.

Full story: <http://www.networkworld.com/news/2009/091409-heartland-ceo-credit-card-encryption.html 
 >

The Smart Card Alliance claims end-to-end encryption is not the answer  
to protecting card data, and is instead calling for "contactless chips  
with dynamic cryptograms."

Full story: <http://www.darkreading.com/database_security/security/encryption/showArticle.jhtml?articleID=220000501 
 >


-----------------------------
2. US Cyber Challenge
-----------------------------

The Gov 2.0 Summit that was held in Washington, DC on September 9 and  
10 focussed on the rise of the World Wide Web and how it has resulted  
in new possibilities and business models shaping our current culture  
and economy. With the proliferation of issues and a scarcity of  
resources, the government is inviting the private sector to  
participate and collaborate on these challenges. One of the challenges  
is cyber security.

As you may remember from a previous SFYI Newsletter issue, cyber  
security is a top national issue of this administration. Government  
agencies are not the only ones facing scarce resources when addressing  
cyber security. Military organizations, companies, and educational  
institutions also face a critical shortage of cyber security experts  
with sufficient hard skills.

One initiative aiming at increasing the pipeline of these super- 
talented people is the US Cyber Challenge. A session at Gov 2.0 had a  
videotaped interview with the winner of an early round of NetWars, an  
online game offered as part of the US Cyber Challenge.  The video clip  
is illuminating (and funny) and useful for motivating very talented  
high school and college students to get engaged in cyber security.

The video (it is about 8.5 minutes long): <http://blip.tv/file/2610813>

The NetWars Competition: <http://www.sans.org/netwars/>

More about the Summit: <http://www.gov2summit.com/gov2009/>


-----------------------------------------------------------------
3. Upcoming Event: Community SANS Boston 2009
-----------------------------------------------------------------

What: SANS Security 501: Advanced Security Essentials - Enterprise  
Defender
When: Monday, October 26 - Saturday, November 1 (6 day course)
Where: Courtyard by Marriott, Woburn
How much: $3345. Register by September 30 and save $250.

The core focus of the course is:
Prevention - configuring a system or network correctly
Detection - identifying breaches that occur at the system or network  
level
Reaction - responding to an incident and moving to evidence collection/ 
forensics

More info: <http://www.sans.org/boston09_cs2>

= 
= 
= 
========================================================================

Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB 
 >



Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security






-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20090921/c68d8e29/attachment.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1846 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20090921/c68d8e29/attachment.bin

More information about the ist-security-fyi mailing list