Praise for Payment Card Industry Data Security Standard Handbook
"While providing insightful guidance on a holistic approach to tackling the Dirty Dozen of PCI, this book also teaches the fundamental principles of information security management. The PCI DSS Handbook is a must-read for all levels of security managers."
—John Reeder, CISSP, CISM, CISA, CIPP, Vice President, Information Security & Compliance
"There's a lot of noise surrounding PCI compliance. This book is the perfect resource to help clear the air so people can focus on what's important."
—Kevin Beaver, security consultant and creator of the Security On Wheels audio programs
Your single source for understanding the Payment Card Industry data Security Standard
The significant benefits of extensive payment card use and rapid advances in technology are immense, but also require your organization to address the specific challenges associated with protecting its cardholder data and cardholder data environments.
Clearly written and easy to use, Payment Card Industry Data Security Standard Handbook is your single source along the journey to compliance with the Payment Card Industry Data Security Standard (PCI DSS), addressing the payment card industry standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures.
This all-inclusive resource for payment card industry compliance shows you how your organization can:
Protect cardholder data, with discussion of the requirements necessary to ensure cardholders are properly protected
Maintain a vulnerability management program in order to minimize the overall vulnerability of the cardholder data environment
Implement strong access control measures in order to achieve PCI DSS compliance
Regularly monitor and test networks to find out how networks must be monitored and tested
Enforce an information security policy and what it must contain in order to be PCI DSS-compliant
Payment Card Industry Data Security Standard Handbook presents an overall view of the essential components and best practices for successful implementation of an information security program, as well as a deeper understanding of how to put compliance into action while maintaining your business objectives.
About the Author
Timothy M. Virtue, CISSP, CISA, CCE, CFE, CIPP/G, is an accomplished information security and risk management professional who specializes in the strategic application of information risk management methodologies to operational business goals and objectives.