ISR News: Heartland Breach Updates

January 30, 2009 by ADMIN

Share |

Excerpts From 2008Breach.com

For the past year, Robert O. Carr, Heartland’s chairman and chief executive officer, has been advocating for payments industry adoption of this technology — which will protect data at rest as well as data in motion — as an improvement for payment transaction security.

Carr stated, “PCI is a good and effective standard, but the bad guys have become more sophisticated to the point where encryption of data in motion appears to be one of the next required steps. There is no single silver bullet that will secure payment systems, and constant vigilance and monitoring of the infrastructure will always be required. Nevertheless, I believe the development and deployment of end-to-end encryption will provide us the ability to implement increasing levels of security protection as they become needed.

“Heartland has been working on the development of end-to-end encryption, but in light of our recent data breach and the impact cyber fraud has had on the public and processors nationwide, we are ramping up our efforts,” Carr continued. “To do this, we are forming a dedicated internal department and have named Steven M. Elefant, a well-known expert in point-of-sale payments, executive director.”

These icons link to social bookmarking sites where readers can share and discover new web pages.

Share |

Filed under: Breach, Class Action Lawsuit, D&O Liability, Financial, ISR News, Insider Threat, PCI, Sarbanes-Oxley, Uncategorized, hackers, identity-theft, privacy

Tags: access, Anthony M. Freed, attack, Bailout, Banks, blackmarket, Bonds, Breach, breaches, bypass, CEO, Class Action Lawsuit, confidential, consumer, Consumers, control, Costs, criminal, cyber security, cyber terrorism, cyber-crime, cybersecurity, D&O liability issue, Data, Debt, Derivatives, DHS, Dollars, DOW, due diligence, Economy, electronic database, FBI, Fiancial Identities, Finance, Financial, Financial Identity, flash drives, fraud, governance, Government, hackers, Heartland, homeland Security, HPY, ID, Identity, identity thief, identity-theft, Information, InfoSec, infrastructure, insider, ISR, Kevin M. Nixon, laptops, law, liability, LifeLock, losses, markets, meltdown, misuse, national security, News, Obama, online fraud, outsourcing, paperless, press release, privacy rights, proprietary, regulations, regulatory, risk, Robert O. Carr, Sarbanes-Oxley, Secret Service, Security, sensitive, social security number, Stocks, System, systems, Taxpayers, third party, top ten, unemployment, valuation, vendors, Wall Street

Comments

One Comment on ISR News: Heartland Breach Updates

Kevin M Nixon on Sun, 1st Feb 2009 1:05 pm

For all financial executives dealing with the risks of data a rest or “on the fly” I suggest going to the ISO site and downloading “Banking and related financial services — Triple DEA — Modes of operation — Implementation guidelines”

The ABA and ANSI X9 participation is also critical for the security staff of any large financial organization. ISO 19038 was specifically written to deploy an end-to-end solution.

Making sound risk and security decisions can not be performed by development staffs that are isolated from reality.

The ISO Implementation guide is written to allow for business processes to continue while maintaining extremely strong data transfer. Commitment to participation should be first and foremost!

http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=33733

Kevin Nixon

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

Categories
- Anthony M. Freed (28)
- Bill Brenner (2)
- Bob Violino (1)
- Bozidar Spirovski (22)
- Breach (492)
- Britt Womelsdorf (5)
- By Dr. InfoSec (2)
- Cara Garretson (7)
- CCCNews (1)
- Chorey Taylor & Feil (8)
- Christophe Veltsos (2)
- Christopher Burgess (7)
- CIOZone (24)
- Class Action Lawsuit (109)
- Cloud computing (68)
- Coby Royer (5)
- CTO Forum (8)
- D&O Liability (541)
- Daniel Wallace (5)
- Danny Lieberman (11)
- DataLine (10)
- David Alexander (2)
- Derek Crawford (1)
- Doug Pollack (6)
- due diligence (251)
- Fame Foundry (1)
- FEATURE ARTICLE (398)
- Financial (526)
- Fred Leland (7)
- Gene Kim (3)
- Government (334)
- Greg George (3)
- H1N1 (15)
- hackers (481)
- healthcare (94)
- Heather Bourgoin (1)
- HomeATM (8)
- identity-theft (478)
- IDExperts (16)
- Ike Z. Devji (1)
- Insider Threat (435)
- Internet Crime Complaint Center (1)
- Internet Security Alliance (40)
- ISR News (315)
- Jacqueline Herships (1)
- Jenni Hesterman (3)
- John M. Salomon (2)
- John Watkins (7)
- John-Patrick Skaar (1)
- Kaliber Data Security and Compliance Consultants (3)
- Kat Sanders (2)
- Ken Leeser (3)
- Kevin L. Jackson (10)
- Kevin M. Nixon (22)
- Laton McCartney (6)
- Laura Wilson (14)
- Lauren Taylor (1)
- Linda McGlasson (1)
- malware (446)
- Mark Wright (1)
- Mel Duvall (3)
- Michael Eggebrecht (2)
- Michael Lohr (1)
- Michael O'Conner (4)
- Mike Duncan (3)
- Mike Meikle (3)
- Mike Spinney (1)
- Military (174)
- national security (402)
- PCI (268)
- PCI Security Standards Council (30)
- Physical Security (11)
- privacy (496)
- Rachel James (10)
- Rebecca Herold (16)
- Richard Stiennon (27)
- Robert Siciliano (30)
- Sarbanes-Oxley (443)
- ScamStop (2)
- Sean Wilkins (2)
- Semyon Dukach (1)
- Simon Heron (14)
- Software Associates (11)
- Steven Fox (19)
- SUPERAntiSpyware (3)
- Sybase (6)
- Symplified (5)
- The Jester (4)
- The Privacy Professor (16)
- Thomas R. Fox (4)
- Tom Groenfeldt (2)
- Tom McLain (2)
- Trefis (6)
- Tripwire (18)
- Uncategorized (579)
- virtualization (57)
- Webcast (31)

Information Security Resources

ISR News: Heartland Breach Updates

Comments

One Comment on ISR News: Heartland Breach Updates

ISR Headline Index

Recent Comments

Categories