PCI Compliance

3rd Edition

Understand and Implement Effective PCI Data Security Standard Compliance

Authors: Branden Williams Anton Chuvakin
Paperback ISBN: 9781597499484
eBook ISBN: 9781597499538
Imprint: Syngress
Published Date: 13th August 2012
Page Count: 360
59.95 + applicable tax
36.99 + applicable tax
45.95 + applicable tax
Unavailable
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


Description

The credit card industry established the PCI Data Security Standards to provide a minimum standard for how vendors should protect data to ensure it is not stolen by fraudsters. PCI Compliance, 3e, provides the information readers need to understand the current PCI Data Security standards, which have recently been updated to version 2.0, and how to effectively implement security within your company to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information. Security breaches continue to occur on a regular basis, affecting millions of customers and costing companies millions of dollars in fines and reparations. That doesn’t include the effects such security breaches have on the reputation of the companies that suffer attacks. PCI Compliance, 3e, helps readers avoid costly breaches and inefficient compliance initiatives to keep their infrastructure secure.

Key Features

  • Provides a clear explanation of PCI
  • Provides practical case studies, fraud studies, and analysis of PCI
  • The first book to address version 2.0 updates to the PCI DSS, security strategy to keep your infrastructure PCI compliant

Readership

IT Security Professionals (Security Auditors, Security Engineers, Compliance Specialists, etc.), IT Professionals (Network Administrators, IT Managers, Security Managers, Security Analysts, Directors of Security,etc.)

Table of Contents

Acknowledgements

About the Authors

Foreword

Chapter 1. About PCI and This Book

Who Should Read This Book?

How to Use The Book in Your Daily Job

What This Book is Not

Organization of the Book

Summary

Chapter 2. Introduction to Fraud, Data Theft, and Related Regulatory Mandates

Summary

Chapter 3. Why Is PCI Here?

What is PCI and Who Must Comply?

PCI DSS in Depth

Quick Overview of PCI Requirements

PCI DSS and Risk

Benefits of Compliance

Case Study

Summary

REFERENCES

Chapter 4. Determining and Reducing the PCI Scope

The Basics of PCI DSS Scoping

The “Gotchas” of PCI Scope

Scope Reduction Tips

Planning Your PCI Project

Case Study

Summary

Chapter 5. Building and Maintaining a Secure Network

Which PCI DSS Requirements Are in This Domain?

What Else Can You Do to Be Secure?

Tools and Best Practices

Common Mistakes and Pitfalls

Case Study

Summary

Chapter 6. Strong Access Controls

Which PCI DSS Requirements are in this Domain?

What Else Can You Do to Be Secure?

Tools and Best Practices

Common Mistakes and Pitfalls

Case Study

Summary

Chapter 7. Protecting Cardholder Data

What is Data Protection and Why is it Needed?

Requirements Addressed in This Chapter

PCI Requirement 3: Protect Stored Cardholder Data

Requirement 3 Walk-Through

What Else Can You Do to Be Secure?

PCI Requirement 4 Walk-Through

Requirement 12 Walk-Through

Appendix A of PCI DSS

How to Become Compliant and Secure

Common Mistakes and Pitfalls

Case Study

Summary

REFERENCES

Chapter 8. Using Wireless Networking

What is Wireless Network Security?

Where is

Details

No. of pages:
360
Language:
English
Copyright:
© Syngress 2012
Published:
Imprint:
Syngress
eBook ISBN:
9781597499538
Paperback ISBN:
9781597499484

About the Author

Branden Williams

Branden R. Williams (CISSP, CISM, CPISA, CPISM) leads an information security practice in a Global Security Consulting group at a major security firm in Flower Mound, TX and teaches in the NSA Certified Information Assurance program at the University of Dallas's Graduate School of Management. Branden has been involved in information technology since 1994, and focused on information security since 1996. He started consulting on payment security in 2004, assessing companies against the Visa CISP and Mastercard SDP programs. He has a Bachelors of Business Administration in Marketing from the University of Texas, Arlington, and a Masters of Business Administration in Supply Chain Management and Market Logistics from the University of Dallas. Branden publishes a monthly column in the ISSA Journal entitled "Herding Cats," and authors a blog at http://www.brandenwilliams.com/.

Affiliations and Expertise

CISSP, CISM, CPISA, CPISM, and CTO of a Global Security Consulting group at a major security firm in Flower Mound, TX

Anton Chuvakin

Dr. Anton Chuvakin is a recognized security expert in the field of log management and PCI DSS compliance. He is an author of the books "Security Warrior" and "PCI Compliance" and has contributed to many others, while also publishing dozens of papers on log management, correlation, data analysis, PCI DSS, and security management. His blog (http://www.securitywarrior.org) is one of the most popular in the industry. Additionaly, Anton teaches classes and presents at many security conferences across the world and he works on emerging security standards and serves on the advisory boards of several security start-ups. Currently, Anton is developing his security consulting practice, focusing on logging and PCI DSS compliance for security vendors and Fortune 500 organizations. Anton earned his Ph.D. from Stony Brook University.

Affiliations and Expertise

is a recognized security expert in the field of log management and PCI DSS compliance.

Reviews

"Williams and Chuvakin provide background on Version 2.0 of the Payment Card Industry Data Security Standard (PCI DSS), the minimum standard with which vendors must comply to ensure data security. They also provide instruction on how to implement security that is in compliance with industry guidelines and successfully ensures the safety of sensitive and personally identifiable information." --Reference and Research Book News, August 2013