PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance - 3rd edition


Posted by Ben Rothke

PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance is now out in its 3rd edition.  My review of the 2nd edition is here.

While much of PCI has stayed the same, in the two years since the 2nd edition came out the PCI DSS standard itself has moved from version 1.2 to 2.0.

Like the other editions of the book, it provides a comprehensive and clear explanation of the 12 core PCI requirements, with an emphasis on the updates to v2.0.

Rather than simply rehash the details of the PCI DSS, the authors bring their real-world experience to the book, and much of the benefit can be gleaned from their practical scenarios and advice for compliance.  Numerous case studies take the abstract concepts and make them more understandable.

The 3rd edition also provides advice on how to manage a PCI assessment project, dealing with QSAs, compensating controls, and emerging technology and alternate payment schemes.

The book concludes with a chapter on 8 myths and misconceptions of PCI DSS.  Of particular interest are myth #5, "PCI is all we need for security", and myth #6, "PCI DSS is really easy".

For those looking to get an understanding of what they need to do in order to become PCI compliant, PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance is certainly a great reference to use.


Contributors
Ben Rothke

Senior Information Security Manager, Tapad
