An ideal introduction to PCI DSS v3.2.1
All businesses that accept payment cards are prey for criminal hackers
trying to steal financial information and commit identity fraud. The PCI
DSS (Payment Card Industry Data Security Standard) exists to ensure that
businesses process credit and debit card payments in a way that
effectively protects cardholder data.
All organisations that accept, store, transmit or process cardholder
data must comply with the Standard; failure to do so can have serious
consequences and expensive repercussions. These range from customer
desertion and brand damage to significant financial penalties and
operating restrictions imposed by their acquiring bank.
Covering PCI DSS v3.2.1, this handy pocket guide provides all the
information you need to consider as you approach the Standard. It is
also an ideal training resource for those in your organisation involved
with payment card processing. Topics include:
- An overview of PCI DSS v3.2.1
- How to comply with the requirements of the Standard
- Maintaining compliance
- The PCI SAQ (self-assessment questionnaire)
- The PCI DSS and ISO 27001
- Procedures and qualifications
- An overview of the PA-DSS (Payment Application Data Security Standard)
- PTS (PIN Transaction Security)
- Software-based PIN entry
Buy your copy of this quick-reference guide to PCI DSS v3.2.1
today!
About the authors
Alan Calder is a leading author on IT governance and information
security issues. He is the CEO of GRC International Group plc, the
AIM-listed company that owns IT Governance Ltd.
Alan is an acknowledged international cyber security guru. He is a
frequent media commentator on information security and IT governance
issues, and has contributed articles and expert comment to a wide range
of trade, national and online news outlets.
Geraint Williams is the CISO for the GRC International Group of
companies, and a knowledgeable and experienced senior information
security consultant and former PCI QSA, with a strong technical
background and experience in the PCI DSS and security testing.
Geraint has provided consultancy on implementing the PCI DSS, and has
conducted audits for a wide range of merchants and service providers as
well as penetration testing and vulnerability assessments for clients.
He has broad technical knowledge of security and IT infrastructure,
including high-performance computing and Cloud computing. His
certifications include CISSP(R) and PCIP.
