what we're reading, week of 1/19
von VPNHaus | 22.01.2009 |Highlights
From around the Blogosphere…
Heartland Payment Systems issued a statement Wednesday that intruders hacked into its computers that was used to process 100 million payment card transactions per month for 175,000 merchants. Security experts are saying this hack may be bigger than the 2007 TJX hack. As expected, bloggers are weighing in. We highlighted the best commentary here.
Tim Wilson from Dark Reading gives a thorough overview of the Heartland situation, while Adam O'Donnell and Tim Naraine from ZD Net make the recommendation to check past credit card statements just to be safe. Too lazy to read about it? Check out the podcast by Martin McKeay of Network Security Blog. Time well spent for this podcast. Ironically, Endpoint-Security reported BEFORE Heartland that data breaches were up near 50% in 2008 (mostly due to insider threats). Doesn’t bode well for 2009.
From Security Warrior…
Tales From the “Compliance First!” World
Dr. Anton Chuvakin touches upon the PCI DSS compliance issue several times on his blog. On a recent post he stresses the importance security has in addition to compliance. Anton’s advice to readers: ‘if compliance is your first priority, make security your second, and vice versa’
From Andy IT Guy...
Requirements are required
From a previous post Andy discusses some of the reasons security investments fail, and in that post he mentions the mistake of purchasing the wrong technology. Andy recommends defining your requirements prior to making a purchasing decision—knowing this prevents failures and VPNs are one area that usually is left out of planning cycles - creating 'work arounds' with sub-par technology is a mistake