The PCI Security Standards Council has announced new guidelines to help organizations respond to data breaches.

“Responding to a Data Breach: A How-to Guide for Incident Management” provides retailers and service providers with key recommendations so they can be prepared to react quickly if a breach is suspected. It specifically suggests what they should do to contain damage and launch an effective investigation.

The guide was developed in collaboration with the Payment Card Industry (PCI) Forensic Investigators (PFI) community. The PCI Security Standards Council is a global forum responsible for the development, management, education, and awareness of the PCI Data Security Standard and other standards that increase payment data security.

“The silver lining to high-profile breaches that have occurred is that there is a new sense of urgency that is translating into security vigilance from the top down, forcing businesses to prioritize and make data security business-as-usual,” Stephen W. Orfei, PCI SSC general manager, said in a statement.

“Prevention, detection and response are always going to be the three legs of data protection,” Orfei said. “Better detection will certainly improve response time and the ability to mitigate attacks, but managing the impact and damage of compromise comes down to preparation, having a plan in place and the right investments in technology, training and partnerships to support it.”

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access