Access "Cybersecurity information sharing initiatives on the rise"
This article is part of the June 2012 issue of Five actions to prepare for today’s external security threats
When credit card processor Heartland Payment Systems suddenly saw an uptick in fraud coming from outside the United States last year, the company didn’t just quietly handle it internally In the past, the company would have referred the issue to its internal security team to analyze and recommend an action. This time, John South, the company's chief security officer, had other options: He contacted members of the Payments Processing Information Sharing Council (PPISC), a group formed in 2009 that brought together Heartland and its competitors in the industry to share information on threats attacking their systems. He described what the company was seeing and how the attackers were operating. “We were able to validate that other processors were seeing the same pattern and then take that pattern information directly to the U.S. Secret Service to help them and educate them in regards to the mechanism the attackers were using,” South says. Because the incidents are still under investigation by law enforcement, South declined to describe any details of the event. ... Access >>>
Premium Content for Free.
Cybersecurity information sharing initiatives on the rise
by Robert Lemos, Contributor
Businesses and government agencies work to improve sharing of cyberthreat information.
Security information management systems and application monitoring
by Joel Snyder, Contributor
SIMs aren’t just for network monitoring anymore.
- Cybersecurity information sharing initiatives on the rise by Robert Lemos, Contributor
Challenges with data protection in the cloud
by Dave Shackleford
Capabilities such as encryption and DLP can be complicated in the cloud.
CISPA cybersecurity legislation wins industry support
by Robert Westervelt
Legislation designed to provide the federal government with threat data from the private sector gains steam.
- Challenges with data protection in the cloud by Dave Shackleford
Reporter notebook: SCADA security, Oracle vulnerability, SQL Slammer
by Michael S. Mimoso, Editorial Director
Reflections on the ICS CERT alert, Oracle’s handling of a zero-day and more.
Marcus Ranum chat: Software development practices and security
by Marcus J. Ranum, Contributor
Security expert Marcus Ranum talks with Brian Chess, formerly of HP, about coding practices and security.
Information security threats: Building risk resilience
by Steve Durbin, Contributor
Enterprises need an agile risk management strategy to deal with today’s evolving threats.
- Reporter notebook: SCADA security, Oracle vulnerability, SQL Slammer by Michael S. Mimoso, Editorial Director
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...