24/7 Incident Response Team
Even if youâre a small organization, PCI Requirement 12.10.3 requires that you designate specific personnel to be available on a 24/7 basis to respond to alerts. The PCI DSS explains, âWithout a trained and readily available incident response team, extended damage to the network could occur, and critical data and systems may become âpollutedâ by inappropriate handling of the targeted systems. This can hinder the success of a post-incident investigation.â
Breaches donât work around holidays, birthdays, or anniversaries â a breach could happen at any time. How will your organization meet PCI Requirement 12.10.3?
From a PCI DSS perspective, youâre required to have someone available 24/7 to react in the event of a breach. Where we see most organizations struggle with this is if youâre a small organization, perhaps youâre a one- to two- person show, it gets pretty hard to deal with this during holidays, birthdays, and anniversaries, or even on religious days such as the Sabbath. In that situation, you need to take into account how you want to meet the 24/7 requirement, making sure that in the event that there is a breach that somebody is available to respond to those events.