Epilogue: Spend now or pay later

A response plan, and the rapid response team that carries it out, will be the focal point of all information if and when a data breach occurs. Having the tools in place before a breach will determine whether an organization survives it and retains its customer base.

"Although it's difficult to make specific plans for an unspecified event, spending time now on your response plan can be a wise investment. It's always easier and faster to fine-tune your plan, should a breach occur, than to start from scratch. Ask anyone who has been through a data breach event - immediate action is critical to a successful response," wrote Beth Lynn, a vice president at First Data Corporation and the privacy officer for First Data Debit Services in Wilmington, Del., in an article entitled, "Are You Prepared for a Data Breach?"

PCI compliance standards and an organization's security plan should work hand in hand, if the organization is cognizant that protecting customer data is not only the law in most states but should also be an internal standard at all times, no matter the cost.

"While PCI compliance seems like another IT security headache, most of it is based in established security procedures and policies. And, with a lineup of well-known consultants, compliance can be integrated into a company's existing security program," wrote Dubin.
