• Complain

Jim Seaman - Pci Dss: An Integrated Data Security Standard Guide

Here you can read online Jim Seaman - Pci Dss: An Integrated Data Security Standard Guide full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2020, publisher: APress, genre: Politics. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Jim Seaman Pci Dss: An Integrated Data Security Standard Guide
  • Book:
    Pci Dss: An Integrated Data Security Standard Guide
  • Author:
  • Publisher:
    APress
  • Genre:
  • Year:
    2020
  • Rating:
    3 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 60
    • 1
    • 2
    • 3
    • 4
    • 5

Pci Dss: An Integrated Data Security Standard Guide: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Pci Dss: An Integrated Data Security Standard Guide" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Gain a broad understanding of how PCI DSS is structured and obtain a high-level view of the contents and context of each of the 12 top-level requirements. The guidance provided in this book will help you effectively apply PCI DSS in your business environments, enhance your payment card defensive posture, and reduce the opportunities for criminals to compromise your network or steal sensitive data assets.

Businesses are seeing an increased volume of data breaches, where an opportunist attacker from outside the business or a disaffected employee successfully exploits poor company practices. Rather than being a regurgitation of the PCI DSS controls, this book aims to help you balance the needs of running your business with the value of implementing PCI DSS for the protection of consumer payment card data.

Applying lessons learned from history, military experiences (including multiple deployments into hostile areas), numerous PCI QSA assignments, and corporate cybersecurity and InfoSec roles, author Jim Seaman helps you understand the complexities of the payment card industry data security standard as you protect cardholder data. You will learn how to align the standard with your business IT systems or operations that store, process, and/or transmit sensitive data. This book will help you develop a business cybersecurity and InfoSec strategy through the correct interpretation, implementation, and maintenance of PCI DSS.


What You Will Learn

  • Be aware of recent data privacy regulatory changes and the release of PCI DSS v4.0
  • Improve the defense of consumer payment card data to safeguard the reputation of your business and make it more difficult for criminals to breach security
  • Be familiar with the goals and requirements related to the structure and interdependencies of PCI DSS
  • Know the potential avenues of attack associated with business payment operations
  • Make PCI DSS an integral component of your business operations
  • Understand the benefits of enhancing your security culture
  • See how the implementation of PCI DSS causes a positive ripple effect across your business


Who This Book Is For

Business leaders, information security (InfoSec) practitioners, chief information security managers, cybersecurity practitioners, risk managers, IT operations managers, business owners, military enthusiasts, and IT auditors

Jim Seaman: author's other books


Who wrote Pci Dss: An Integrated Data Security Standard Guide? Find out the surname, the name of the author of the book and a list of all author's works by series.

Pci Dss: An Integrated Data Security Standard Guide — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Pci Dss: An Integrated Data Security Standard Guide" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
Contents
Landmarks
Jim Seaman PCI DSS An Integrated Data Security Standard Guide Jim - photo 1
Jim Seaman
PCI DSS
An Integrated Data Security Standard Guide
Jim Seaman Castleford West Yorkshire UK Any source code or other - photo 2
Jim Seaman
Castleford, West Yorkshire, UK

Any source code or other supplementary material referenced by the author in this book is available to readers on GitHub via the books product page, located at www.apress.com/978-1-4842-5807-1 . For more detailed information, please visit http://www.apress.com/source-code .

ISBN 978-1-4842-5807-1 e-ISBN 978-1-4842-5808-8
https://doi.org/10.1007/978-1-4842-5808-8
Jim Seaman 2020
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.
Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.
While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.
Distributed to the book trade worldwide by Springer Science+Business Media New York, 233 Spring Street, 6th Floor, New York, NY 10013. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail orders-ny@springer-sbm.com, or visit www.springeronline.com. Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.
Introduction
Figure 1 Image Designed by Laura Scopel For any business involved with taking - photo 3
Figure 1

Image Designed by Laura Scopel

For any business involved with taking payments from their customers for their goods and services using credit cards, there needs to be a secure chain of trust(this chain of trust extends out to all your third-party suppliers, who support your payment card operations). Your customers are entrusting their payment card data to you and, in return, expect that their payment card data is used in a business justified and legal manner and protected from harm.

All the while, opportunist attackers are seeking to identify potential weak links in this chain, which they are able to exploit and profit from.

Long before I started helping businesses to successfully align with the Payment Card Industry Data Security Standard (PCI DSS) , I was fortunate enough to have been responsible for the protection of sensitive data assets, whose impact is described in Figures.

Figure 2 Highly Sensitive Category Figure 3 Sensitive Category - photo 4
Figure 2

Highly Sensitive Category

Figure 3 Sensitive Category Figure 4 Protected Category Consequently the - photo 5
Figure 3

Sensitive Category

Figure 4 Protected Category Consequently the value of ensuring that these - photo 6
Figure 4

Protected Category

Consequently, the value of ensuring that these assets were adequately protected was fully understood by the organization, and comprehensive defenses were applied using the Defence Manual of Security (Joint Service Publication (JSP) 440).

Each asset was categorized against the category descriptions (Figures) and afforded the appropriate levels of protection. The need for suitable protection was fully appreciated, and as a result, the concept of applying the minimum standard was never a consideration, with the protective measures being aligned with their perceived levels of risk.

Thus, during my 10 years working on Counter Intelligence duties, even through security risk assessments, I never heard the term compliant.Some of these principles and lessons learned have been incorporated into the development of this book.

The PCI DSS framework can be seen as being extremely complex, expensive, and difficult to achieve and maintain. However, the reality is that it provides a comprehensive suite of baseline of mitigation security controls to help businesses fortify their payment card operations and to help reduce the opportunist attackers to exploit bad practices. The cost of not, at least, establishing a baseline and allowing your payment card operations to be compromised or your customers payment card data to be stolen would far exceed time, resources, and costs associated with aligning with PCI DSS.

There are many good books on the market that have been developed to help explain the content of the PCI DSS framework :
  • PCI DSS Quick Reference Guide

  • PCI DSS 3.2: A Comprehensive Understanding to Effectively Achieve PCI DSS Compliance

  • PCI DSS: A Pocket Guide, 6th Edition

However, I wanted to design and develop a book that went a little bit further so as to expand on the intent of the PCI DSS framework, the objective being not to be a direct regurgitation of the underlying controls but to provide both Cyber/Information Security professionals and the companys key stakeholders with a comprehensive guide on the benefits of aligning your businesss payment card operations with the PCI DSS framework and how this might be applicable to different business types.

Consequently, the readers do not need to have a detailed understanding of the specifics of the PCI DSS framework(as the latest version and additional supplementary support information is made freely available in the PCI councils Document Library)to gain an improved appreciation for the framework and how it might be applicable to your organization.

Additionally, this guide provides examples of real-life events and incidents, where the attackers have pounced on vulnerabilities which would have been addressed through the implementation of the PCI DSS mitigating controls.

The readers of this book will gain an improved understanding of the principles and objectives of the 6 goals and 12 requirements of PCI DSS and how this can be used in support of building an effective data privacy and security strategy.

Having read this book, the readers will better appreciate how alignment with the PCI DSS framework should be seen as an important business investment, helping to defend the company from opportunist attackers and to reduce the risks associated with a compromise or data breach.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Pci Dss: An Integrated Data Security Standard Guide»

Look at similar books to Pci Dss: An Integrated Data Security Standard Guide. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Pci Dss: An Integrated Data Security Standard Guide»

Discussion, reviews of the book Pci Dss: An Integrated Data Security Standard Guide and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.