SANS Institute InfoSec Reading Room
This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission.
PCI DSS and Incident Handling: What is required before, during and after an incident
There is no perfect security; PCI DSS certified companies should be prepared to handle security incidents.
Copyright SANS Institute. Author Retains Full Rights.
PCI DSS and Incident Handling
What is required before, during and after an Incident
GCIH Gold Certification

Author: Christian J. Moldes, Christian_moldes@hotmail.com
Adviser: Dominicus Adriyanto
Accepted: February 27, 2009

© SANS Institute 2009, as part of the Information Security Reading Room. Author retains full rights.
Outline

Abstract .......................................................... 3
1. Introduction ................................................... 4
2. PCI Security Standards Council and PCI DSS ..................... 5
2.1. Is PCI DSS enough to avoid being breached? ................... 5
3. Incident Handling Phases ....................................... 7
4. Preparation Phase .............................................. 7
4.1. Required Documentation ....................................... 8
4.2. Processes that Should Be in Place ............................ 16
5. Identification and Containment Phases .......................... 18
5.1. Common Attack Vectors ........................................ 20
6. Eradication and Recovery Phases ................................ 21
6.1. Reporting the Incident ....................................... 21
6.2. Forensic Investigations and Audits ........................... 21
6.3. Failing to Report an Incident ................................ 23
7. Lessons Learned Phase .......................................... 23
7.1. General Recommendations ...................................... 24
8. The Cost of a Security Breach .................................. 25
9. Additional Payment Card Brands Consequences .................... 26
10. How the Payment Card Companies Determine Liability ............ 27
Appendix A: Requirements Matrix ................................... 29
Appendix B: Payment Card References ............................... 31
Acknowledgments ................................................... 32
References ........................................................ 33

Christian J. Moldes, CISM, CISSP, CISA, PCI QSA, PA QSA, GIAC GCIH
Abstract

PCI DSS requires companies to comply with a set of specific requirements whenever they process, transmit or store payment card transactions. Every year companies have to demonstrate compliance and renew their certification; however, many of them suffer security breaches. Regardless of their status, companies should be prepared to deal with a cardholder data breach. PCI DSS does not provide specific guidelines on how to handle a security breach. Each payment card brand has its own policies and
compromised organization that does not follow the payment brands'
itself to hefty fines and the risk of losing the authorization to