How to Save Money with a PCI Forensic Investigator (PFI)By: Jeff Multz
They may seem to have nothing in common, but retailers, nonprofits, universities, banks and law firms do one thing that puts them at risk for a cyber security breach: they accept or work with credit card companies. If your organization works with or accepts any payment card brand and has a cyber security breach, you may be required to hire a Payment Card Industry Forensic Investigator (PFI).
Payment Card Brand Requirements for a PCI Forensic Investigator
The Payment Card Brands won’t accept just any incident response team to handle a partner’s remediation. PCI says, “Such forensic investigations can be complex, challenging, and require the forensic investigator to possess highly specialized skills, proven staff and experience, and the ability to provide rapid and potentially global response.”
Each of the Payment Card Brands, individually, is responsible for developing and enforcing its own programs regarding when and how PFI Investigation may be required. They will only accept investigative reports from approved PFIs. The brands normally require your PFI to investigate the information security issue, determine the root cause, and report back to affected participating Payment Card Brands.
How a PCI Forensic Investigator can help your Organization
As soon as you suspect your network has been breached, you should contact a PFI. The average cost of a cyber security breach in the U.S. is $5.4 million per organization and $188 per compromised record, according to the Ponemon Institute 2013 Cost of Data Breach Study. Preparing for an incident and having specialized responders ready immediately can save a compromised U.S. organization as much as $55 per record, according to the study. The faster a company remediates a data security breach, the faster it stops the loss of data and financial information. The moment cyber attackers are in your network, the more time they have to steal personal information on you and your customers, steal credit card data, and funds from your financial accounts. The attackers and the malware have become so adept at hiding in your network that it’s difficult even for remediation experts to be sure they have removed all the malware and shut all the “backdoors,” or hidden entrances to your network. If responders find three pieces of malware and miss two others pieces left behind, your responders have not resolved your problem. Any malware that has been left behind or any backdoor that remains open, allows the attacker to remain in your network or resurface.
Dell SecureWorks is one of only 11 PCI Forensic Investigators in the U.S. With an entire practice dedicated to Incident Response (IR) and Digital Forensics, Dell SecureWorks can investigate and remediate cyber security breaches for organizations of all sizes.
Dell SecureWorks Information Security Analysts work closely with our Counter Threat UnitTM (CTU), which actively monitors the global cyber threat landscape and is familiar with the tactics, tools and procedures the attackers use. That knowledge helps our responders remediate breaches far quicker than otherwise possible, as it gives them insider knowledge, so they know what to look for and where to most likely find it inside a network.
Learn more about Dell SecureWorks PCI Compliance Services.