January 15, 2016

PCI SSC issues data breach guide

The Payment Card Industry Security Standards Council last week published a "Responding to a Data Breach" guide specifically detailing best practices for responding to retailer data breaches.

"Ultimately, attacks against vulnerable payment systems will continue, and attackers will innovate when necessary and scale their attacks to the greatest extent possible," the council said. "A robust defense against this includes both preventative and responsive measures, including a carefully prepared incident response plan that accounts for any given entity's unique combination of systems, people and organization."

The council recommended that financial institutions prepare an incident response plan and work with a Payment Card Industry forensic investigator. It also recommended notifying business partners and third-party contracts as well as testing incident response plans.

NCUA announced this month that cybersecurity threat response is its top priority for 2016 and highlighted the Federal Financial Institutions Examination Council's cybersecurity self-assessment tool. That tool will be incorporated into the exam process this summer, the agency says.