PCI Compliance
View on ScienceDirect

PCI Compliance

Understand and Implement Effective PCI Data Security Standard Compliance

4th Edition - October 29, 2014
  • Authors: Branden Williams, Anton Chuvakin
  • Paperback ISBN: 9780128015797
  • eBook ISBN: 9780128016510

Purchase options

Purchase options
Available
DRM-free (Mobi, EPub, PDF)
eBook Format Help
Sales tax will be calculated at check-out

Institutional Subscription

Support CenterReturns & Refunds
Free Global Shipping
No minimum order

Description

Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as NFC, P2PE, CNP/Mobile, and EMV. This is the first book to address the recent updates to PCI DSS. The real-world scenarios and hands-on guidance are also new approaches to this topic. All-new case studies and fraud studies have been added to the Fourth Edition. Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need in order to understand the current PCI Data Security standards and how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally-identifiable information.

Key Features

  • Completely updated to follow the most current PCI DSS standard, version 3.0
  • Packed with help to develop and implement an effective strategy to keep infrastructure compliant and secure
  • Includes coverage of new and emerging technologies such as NFC, P2PE, CNP/Mobile, and EMV
  • Both authors have broad information security backgrounds, including extensive PCI DSS experience

Readership

IT security professionals (security auditors, security engineers, compliance specialists, etc.); IT professionals (network administrators, IT managers, security managers, security analysts, directors of security, etc.)

Table of Contents

    1. About PCI and This Book
    2. Introduction to Fraud, ID Theft, and Regulatory mandates
    3. Why PCI is Here
    4. Determining and Reducing the PCI Scope
    5. Building and Maintaining a Secure Network
    6. Strong Access Controls
    7. Protect Cardholder Data
    8. Using Wireless Networking
    9. Vulnerability Management and Testing
    10. Logging Events and Monitoring the Cardholder Data Environment
    11. Cloud and Virtualization
    12. Mobile
    13. PCI DSS for the Small Business
    14. Managing PCI DSS Projects to Achieve Compliance
    15. Don't Fear the Assessor
    16. The Art of Compensating Control
    17. So You're Compliant, Now What?
    18. Emerging Technology and Alternative Payment Schemes
    19. PCI DSS Myths and Misconceptions

Product details

  • No. of pages: 386
  • Language: English
  • Copyright: © Syngress 2014
  • Published: October 29, 2014
  • Imprint: Syngress
  • Paperback ISBN: 9780128015797
  • eBook ISBN: 9780128016510

About the Authors

Branden Williams

Branden R. Williams (CISSP, CISM, CPISA, CPISM) leads an information security practice in a Global Security Consulting group at a major security firm in Flower Mound, TX and teaches in the NSA Certified Information Assurance program at the University of Dallas's Graduate School of Management. Branden has been involved in information technology since 1994, and focused on information security since 1996. He started consulting on payment security in 2004, assessing companies against the Visa CISP and Mastercard SDP programs. He has a Bachelors of Business Administration in Marketing from the University of Texas, Arlington, and a Masters of Business Administration in Supply Chain Management and Market Logistics from the University of Dallas.

Branden publishes a monthly column in the ISSA Journal entitled "Herding Cats," and authors a blog at http://www.brandenwilliams.com/.

Affiliations and Expertise

CISSP, CISM, CPISA, CPISM, and CTO of a Global Security Consulting group at a major security firm in Flower Mound, TX

Anton Chuvakin

Dr. Anton Chuvakin is a recognized security expert in the field of log

management and PCI DSS compliance. He is an author of the books "Security Warrior" and "PCI

Compliance" and has contributed to many others, while also publishing dozens of papers on

log management, correlation, data analysis, PCI DSS, and security management. His blog

(http://www.securitywarrior.org) is one of the most popular in the industry.

Additionaly, Anton teaches classes and presents at many security conferences across the world

and he works on emerging security standards and serves on the advisory boards of

several security start-ups. Currently, Anton is developing his security consulting practice,

focusing on logging and PCI DSS compliance for security vendors and Fortune 500 organizations.

Anton earned his Ph.D. from Stony Brook University.

Affiliations and Expertise

is a recognized security expert in the field of log management and PCI DSS compliance.