The Future of Fraud Protection?
Main Street
March 2, 2010  

The British are coming, but this time it’s all about a new type of credit card that may change the way U.S. consumers use their plastic. It’s called “chip and PIN” and here’s how it’s set to change your credit card life — if it ever makes it over the big pond.

Typically, the average credit card uses that ubiquitous magnetic stripe (after years of using a mechanical imprint on the front end of the card) to record transactions. While there has hardly been an uproar for change in the way card transactions are processed, the “old” way of using magnetic stripes and numerical imprints to process transactions does leave card owners vulnerable to theft and fraud. READ MORE...

Credit card data security: Who's responsible?
Netwrok World
February 11, 2010

About a year ago security at Heartland Payment Systems Inc. was breached and information affecting more than 100 million credit cards stolen. Was it Heartland's fault, or should the credit card companies shoulder more of the responsibility?

The experts: Phil Lieberman, CEO of Lieberman Software, argues that Heartland met its legal obligations and the breach was not the company's fault, but rather due to the lack of smart card technology that credit card issuers refuse to issue in the United States.

Henry Helgeson, CEO of Merchant Warehouse, argues that it's the job of merchant account providers like his company (and Heartland), to take the security measures necessary to prevent breaches, but enhancing existing cards could help. READ MORE...



Attempted Hacker Attacks in Healthcare on the Rise
Healthcare IT News
January 27, 2010

ATLANTA – The information security service SecureWorks, which protects 82 healthcare companies in the United States, reported Tuesday that attempted hacker attacks aimed at its clients doubled in the fourth quarter of 2009.

While the first nine months of the year averaged 6,500 attack attempts per day, the last three months saw that number leap to 13,400, SecureWorks reports. Most striking about those figures is that other companies protected by the firm saw no similar increase. READ MORE...



In The Boardroom With... Mr. Neville Pattinson, Vice President of Standards and Government Affairs, Gemalto North America
SecurityStockWatch.com
November 12, 2009

SecurityStockWatch.com: Thank you for joining us today, Neville. Please give us an overview of your background and your role at Gemalto.

Neville Pattinson: I currently lead the Government Programs activity within the Security business unit of Gemalto North America. In this role, I focus on government based e-documents and identity credentials. This focus has provided several opportunities to be an advisor to U.S. government policy makers, program managers and key technology partners providing products and services to the federal government. In addition to this role, I am the chairman of the Smart Card Alliance and chair of the Smart Card Alliance’s Identity Council; a founding member of the Secure ID Coalition and am currently serving a three year appointment to the Department of Homeland Security’s Data Protection and Integrity Advisory Committee. Any views expressed in this interview are not representative of the Smart Card Alliance or the Department of Homeland Security or the DHS DPIAC. READ MORE...



Study: Healthcare isn't ready for new security rules
Health Care News
November 12, 2009

OAK BROOK, IL – A recent survey of healthcare organizations found that 94 percent aren't ready to comply with the privacy and security provision of the Health Information Technology for Economic and Clinical Health (HITECH) Act, which take effect next February.

The survey of 77 U.S. healthcare organizations was conducted by the Ponemon Institute and sponsored by Crowe Horwath LLP, one of the largest public accounting and consulting firms in the United States.
The HITECH Act extends the Health Insurance Portability & Accountability Act's (HIPAA) rules for security and privacy safeguards, including increased enforcement, penalties and audits. READ MORE...



Features: Identity Crisis: DHS chief Janet Napolitano treads a fine line between security and privacy in the push to get federal ID programs off the ground
Government Executive
September 1, 2009

When Janet Napolitano was awaiting confirmation as secretary of the Homeland Security Department, one of the senators she stopped in to visit on Capitol Hill was Republican George Voinovich of Ohio.
He had some blunt questions for the Arizona governor about the 2005 REAL ID Act, the controversial law that requires all American driver's licenses to meet federal anti-fraud standards. A former governor himself, Voinovich saw the $4 billion REAL ID program as a massive, unfunded mandate.
To his delight, Napolitano didn't raise a finger to defend the program, enacted under President Bush. On the contrary, she wholeheartedly agreed with the senator's complaints, Voinovich recalls. In fact, as governor she signed legislation barring her state from fully cooperating with REAL ID. "She gets it," he says. READ MORE...

Q&A: DHS Cybersecurity Chiefs Speak Ouy: The Department of Homeland Security aims to grow its cybersecurity workforce and technical capabilities, Phil Reitinger and Greg Schaffer say
Information Week
August 27, 2009

InformationWeek: I wanted to start by talking about your role, your goals and some of the things that are going on there right now.

Reitinger: Cybersecurity always has been and always will be a distributed effort. If people want to say, well, there's a single locus of cybersecurity and anything and everything will be handled from one point, I say, dream on. We want to build cybersecurity into the DNA of the infrastructure, into the DNA of the businesses, into the DNA of all the government entities. READ MORE...

DoD Offical Says U.S. Needs Seperate Cyberczar For Online Identity: Deputy Assistant Secretary of Defense Robert Lentz said a national leader is needed for reducing problems with anonymity on the Net
Dark Reading
July 30, 2009

BLACK HAT USA -- LAS VEGAS -- A top Defense Department official today called for a second national cybersecurity czar dedicated to handling problems and risks associated with anonymity on the Internet.

Robert Lentz, who is the deputy assistant secretary of defense for cyber, identity, and information assurance in the Office of the Assistant Secretary of Defense as well as the chief information assurance officer for DoD, in his keynote address here at Black Hat USA told attendees here that identity is at the heart of securing the Internet.

"In my opinion, there needs to be a cyberczar just for identity. Without that, we're going to be done," said Lentz, who said reducing anonymity is key to ensuring security and resiliency on the Net. He noted that reducing anonymity also will generate debate over "legitimate privacy concerns," too. READ MORE...

Schumer Cools to E-Verify; Could Seek More Robust System
CQ
July 22, 2009

With few exceptions, the role of worker eligibility verification in the context of the immigration debate has focused on one program in recent years: E-Verify.

As the only national worker verification system with a government mandate — E-Verify is administered by the Department of Homeland Security and works by data-matching Social Security Administration information — it has long been presumed that the program would form the backbone of worker verification provisions of a comprehensive immigration bill, language for which lawmakers in both the Senate and House have promised can be ready by Labor Day. READ MORE...

Napolitano Debates Real ID
Washington Times
February 20, 2009

As governor of Arizona, Janet Napolitano was no fan of the Real ID program that sets federal standards for state-issued driver's licenses which will be required in the future to board airplanes.

Now that she is Homeland Security secretary and overseeing the department that governs the contentious law, Miss Napolitano says she wants to examine "realistic options" with the officials who must put the program into action - the nation's governors.

Specifically, Miss Napolitano said she is looking at Washington state's modified version of the Western Hemisphere Travel Initiative program. The Pacific state issues security-enhanced driver's licenses that are accepted for crossing into the state from Canada. READ MORE...

Episode 25: Outlook for Obama and Identity
Secure ID News
February 9, 2009

Does President Obama have biometrics in his Blackberry? Secure ID Coalition Executive Director Kelli Emerick and Regarding ID Editor Zack Martin talk about this and how the new tech-savvy administration may affect different ID initiatives. Listen to the podcast HERE...

Prospect of big bucks for health IT draws cheers from many: Privacy advocates caution Congress on the need for consumer protections
Government Health IT
January 14, 2009

In a series of press conferences and similar events in Washington today, business leaders, the informatics community, the Partnership to Fight Chronic Disease and others expressed enthusiasm for the inclusion of billions of dollars for health IT in the forthcoming economic recovery bill.

The lone dissent came from a bipartisan coalition of 30 organizations that called for including privacy protections in any health IT funding measure. The Coalition for Patient Privacy said in a letter to congressional leaders that “consumer trust is essential to health IT adoption and participation, and only attainable with privacy safeguards.” READ MORE...

Governments accounted for 1 out of 5 breaches that exposed private data
Nextgov
January 7, 2009

The number of security breaches that exposed personal identifiable information in government systems in 2008 was far below what the private sector reported, according to a series of reports released by a consumer protection organization on Tuesday.

Of the 656 security breaches reported last year, 16.8 percent occurred in systems operated by state, local and federal governments, including military networks, according to a compilation of reports released by the Identity Theft Resource Center.

The number of breaches reported in 2008 increased 47 percent compared with 2007. But the percentage of incidents the government reported decreased in 2008, dropping from 24.5 percent of the total breaches reported.
Companies in the financial and credit market accounted for 11.9 percent of the breaches while organizations in the health care sector were responsible for 14.8 percent. Businesses in general accounted for 36.6 percent of infiltrations, or 240 incidents, and educational institutions accounted for 20 percent. READ MORE...

Border-Crossing Cards Can Be Copied
Wall Street Journal
October 23, 2008

New U.S. border-crossing cards can be copied and remotely disabled with off-the-shelf equipment, researchers said, the latest finding of security weaknesses in wireless technology.

The Department of Homeland Security, which has reviewed the findings, said it was aware of the possibility of electronic mischief and wasn't concerned. READ MORE...