The Payment Card Industry Data Security Standard (PCI DSS) is now in its 18th year, and it is continuing to dominate corporate security budgets and resources. If you accept, process, transmit, or store payment card data branded by Visa, MasterCard, American Express, Discover, or JCB (or their affiliates and partners), you must comply with this lengthy standard.
Personal data theft is at the top of the list of likely cybercrimes that modern-day corporations must defend against. In particular, credit or debit card data is preferred by cybercriminals as they can find ways to monetize it quickly from anywhere in the world. Is your payment processing secure and compliant? The new Fifth Edition of PCI Compliance has been revised to follow the new PCI DSS version 4.0, which is a complete overhaul to the standard. Also new to the Fifth Edition are: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as Kubernetes, cloud, near-field communication, point-to-point encryption, Mobile, Europay, MasterCard, and Visa. This is the first book to address the recent updates to PCI DSS and the only book you will need during your PCI DSS journey. The real-world scenarios and hands-on guidance will be extremely valuable, as well as the community of professionals you will join after buying this book.
Each chapter has how-to guidance to walk you through implementing concepts and real-world scenarios to help you grasp how PCI DSS will affect your daily operations. This book provides the information that you need in order to understand the current PCI Data Security Standards and the ecosystem that surrounds them, how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally identifiable information. Our book puts security first as a way to enable compliance.
- Completely updated to follow the current PCI DSS version 4.0
- Packed with tips to develop and implement an effective PCI DSS and cybersecurity strategy
- Includes coverage of new and emerging technologies such as Kubernetes, mobility, and 3D Secure 2.0
- Both authors have broad information security backgrounds, including extensive PCI DSS experience
About the Author: Dr. Branden R. Williams has more than twenty-five years of experience as a technology executive where he has served virtually every industry as an information technology and cybersecurity consultant, as well as held high-level executive roles inside banks, other financial services firms, and top cybersecurity and technology vendors. He has been working with PCI DSS, CISP, and SDP since 2004.
Branden's intuitive understanding of how information technology drives business, his use of business intelligence tools to drive revenue and innovation, and his energy and likeable personality have earned him increasing responsibility and respect in the business and academic worlds. Using his keen business insights and ability to communicate with technical and non-technical audiences, he collaborates with executives to analyze, develop, and implement enterprise-wide solutions that support key business initiatives.
Branden has global experience working on six continents as a consultant and practitioner and holds a Masters and Doctor of Business Administration degrees. He teaches graduate-level courses at the University of Dallas as an adjunct and is a sought after speaker and author.
James K. Adamson has assisted clients in the payment security space for over 15 years as a PCI QSA and trusted advisor.
His work has included consulting with hundreds of organizations, ranging from Fortune 100s to startups, across many verticals, including retail, financial, travel, technology, medical, and service providers. He has deep expertise in assessing payment environments, reviewing security architectures and programs, and developing holistic approaches to addressing security and compliance needs.
James approaches compliance with the Payment Card Industry Data Security Standard to ensure that it helps organizations focus on protecting their customers' data, reducing risk, and improving business and security effectiveness.
