Authored by four of the most recognized PCI experts
Reviews detailed documentation requirements for each of the more than 400 PCI DSS requirements
Includes practical details of real-world PCI use and compliance
Buy it now
Tax calculation will be finalised at checkout
Other ways to access
This is a preview of subscription content, access via your institution.
Table of contents (16 chapters)
About this book
Any merchant or service provider that stores, processes, or transmits credit card data must comply with the PCI Data Security Standard. PCI DSS 1.0 was first published in 2004, yet many of those tasked with PCI compliance still encounter difficulties when trying to make sense of it. PCI DSS version 4 was published in March 2022, and at 360 pages, it has numerous additional requirements, leaving many people struggling to know what they need to do to comply.
PCI DSS v4.0 has a transition period in which PCI DSS version 3.2.1 will remain active for two years from the v4.0 publication date. Although the transition period ends on March 31, 2024, and may seem far away, those tasked with PCI compliance will need every bit of the time to acquaint themselves with the many news updates, templates, forms, and more, that PCI v4.0 brings to their world.
What You’ll Learn
- Know what it takes to be PCI compliant
- Understand and implement what is in the PCI DSS
- Get rid of cardholder data
- Everything you need to know about segmenting your cardholder data network
- Know what documentation is needed for your PCI compliance efforts
- Leverage real-world experience to assist PCI compliance work
Who This Book Is ForCompliance managers and those tasked with PCI compliance, information security managers, internal auditors, chief security officers, chief technology officers, and chief information officers. Readers should have a basic understanding of how credit card payment networks operate, in addition to basic security concepts.
- PCI DSS
- Cardholder data
- Cardholder data environment
- PCI Dream Team
- Payment networks
- MasterCard Visa
Authors and Affiliations
Colorado Springs, USA
Arthur B. Cooper Jr.
About the authors
Jeff Hall is Principal Security Consultant at Truvantis, Inc. He has over 30 years of technology and compliance project experience. Jeff has done a significant amount of work with financial institutions, and the health care, manufacturing, and distribution industries, including security assessments, strategic technology planning, and application implementation. He is part of the PCI Dream Team and is the writer of the PCI Guru blog, the definitive source for PCI DSS information.
David Mundhenk is Principal Security Consultant at the eDelta Consulting, as an information security, governance, risk, and compliance consultant with extensive multi-organizational experience providing a myriad of professional security services to business and government entities worldwide. He has worked as a computer and network system security professional for more than 30 years. David’s experience covers a broad spectrum of security disciplines, including security compliance assessments, security product quality assurance, vulnerability scanning, penetration testing, application security assessments, network and host intrusion detection/prevention, disaster and recovery planning, protocol analysis, formal security training instruction, and social engineering. He has successfully completed 200+ PCI DSS assessments and scores of PADSS assessments. Certifications include CISSP, CISA, QSA, PCIP.
Ben Rothke, CISSP, CISM, CISA is a New York city-based Senior Information Security Manager with Tapad and has over 20 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, design and implementation of systems security, encryption, cryptography, and security policy development. Ben is the author of the book Computer Security - 20 Things Every Employee Should Know, and writes security and privacy book reviews for the RSA Conference blog and Security Management. He is a frequent speaker at industry conferences, such as RSA and MISTI, is a member of ASIS, and InfraGard, and holds many security certifications, besides being an ISO 27001 lead auditor.
Book Title: The Definitive Guide to PCI DSS Version 4
Book Subtitle: Documentation, Compliance, and Management
Authors: Arthur B. Cooper Jr., Jeff Hall, David Mundhenk, Ben Rothke
Publisher: Apress Berkeley, CA
Copyright Information: Arthur B. Cooper Jr., Jeff Hall, David Mundhenk, Ben Rothke 2023
Softcover ISBN: 978-1-4842-9287-7Published: 25 May 2023
eBook ISBN: 978-1-4842-9288-4Published: 24 May 2023
Edition Number: 1
Number of Pages: XXIV, 253
Number of Illustrations: 12 b/w illustrations
Topics: Systems and Data Security