PCI Requirement 12.10.5 – Include Alerts from Security Monitoring Systems, Including but Not Limited to Intrusion-Detection, Intrusion-Prevention, Firewalls, and File-Integrity Monitoring Systems
by Randy Bartels / July 3rd, 2018
Monitoring Mechanisms in Incident Response Plans PCI Requirement 12.10.5 states that your incident response plan should, “Include alerts from security monitoring systems, including…
PCI Requirement 12.10.4 – Provide Appropriate Training to Staff with Security Breach Responsibilities
by Randy Bartels / July 3rd, 2018
Training Your Incident Response Team PCI Requirement 12.10.4 requires that your organization provides appropriate training to staff with security breach response responsibilities. One…
PCI Requirement 12.10.3 – Designate Specific Personnel to Be Available on a 24/7 Basis
by Randy Bartels / July 3rd, 2018
24/7 Incident Response Team Even if you’re a small organization, PCI Requirement 12.10.3 requires that you designate specific personnel to be available on…
PCI Requirement 12.10.2 – Review and Test the Plan at Least Annually
by Randy Bartels / July 3rd, 2018
Testing Your Incident Response Plan You must test your incident response plan. What’s the point of the plan if you aren’t sure that…
PCI Requirement 12.10.1 – Create the Incident Response Plan to Be Implemented in the Event of System Breach
by Randy Bartels / July 3rd, 2018
Elements of Your Incident Response Plan To develop a thorough incident response plan, PCI Requirement 12.10.1 lists out the elements that should be…