- Shopping Bag ( 0 items )
Posted February 23, 2012
Are you interested in payment security? If you are, then this book is for you! Authors Dr. Anton Chuvakin and Branden R. Williams, have done an outstanding job of writing a second edition of a book that shows you the PCI DSS requirements and helps you understand how the PCI DSS requirements fit into an organization’s information security framework, and how to effectively implement information security controls, so that you can be both compliant and secure. Authors Chuvakin and Williams, begin by explaining why PCI DSS is special and what the book is all about. In addition, the authors explain cybercrime and regulations, and briefly look at payment card fraud, cybercrime, ID theft, and other things around PCI DSS. They then give an overview of PCI DSS and why the card industry was compelled to create it. The authors then, explain the necessary steps in protecting data for PCI DSS compliance and other reasons. They continue by covering one of the most important aspects of PCI DSS compliance access control. In addition, the authors explain how to protect card data that is stored on your systems; as well as, how to protect data while it is in transit on your network. They then cover wireless security issues and wireless security controls and safeguards managed by PCI DSS. The authors then explain performing vulnerability assessments to identify weaknesses in systems and applications, and how to mitigate or remediate the vulnerabilities to protect and secure your data. Then, the authors discuss how to configure logging and event assessment to capture the information you need to be able to show and maintain PCI compliance; as well as, how to perform other security monitoring tasks. In addition, they give an overview of the steps involved and tasks necessary to implement a successful PCI compliance project. The authors then, provide an understanding of why an assessor is available to work with you to validate your compliance and help you with security. They continue by explaining how compensating controls are often talked about and misunderstood. In addition, the authors cover the details you need to keep in mind once you have achieved compliance. They then cover how PCI DSS relates to other regulatory beasts: laws, frameworks and regulations. Finally, the authors explain common, but damaging PCI myths and misconceptions; as well as, explaining the reality behind them. The goal of this most excellent book, is to show you how to effectively implement information security controls, so that you can be both compliant and secure. Perhaps more importantly, each chapter of the book is designed to provide you the information you need to know in a way that you can easily understand and apply.Was this review helpful? Yes NoThank you for your feedback. Report this reviewThank you, this review has been flagged.