PCI DSS: an integrated data security standard guide (2020)
- Record Type:
- Book
- Title:
- PCI DSS: an integrated data security standard guide (2020)
- Main Title:
- PCI DSS: an integrated data security standard guide
- Further Information:
- Note: Jim Seaman.
- Other Names:
- Seaman, Jim
- Contents:
- Intro -- Table of Contents -- About the Author -- About the Technical Reviewer -- Introduction -- A Tribute To -- Chapter 1: An Evolving Regulatory Perspective -- Introduction -- Revolution or Evolution?
-- Europe -- Canada -- United States -- Australia -- China -- Japan -- Argentina -- Malaysia -- Brazil -- India -- Financial Services -- Data Privacy Hierarchy -- PCI DSS Validation Requirements -- Recommendations -- Behaviors -- Leadership -- Consent or Legitimate Use -- Conclusion -- Key Takeaways -- Risks -- Chapter 2: The Evolution of PCI DSS Associated Costs (Non-compliance/Data Breach) -- Introduction -- PCI DSS Controls Framework Architecture -- Primary (Core) Ring -- Secondary Ring -- Tertiary Ring -- Quaternary Ring -- Quinary Ring -- Senary (Outer) Ring -- Historic References -- Build and Maintain a Secure Network -- Protect Cardholder Data -- Maintain a Vulnerability Management Program -- Implement Strong Access Control Measures -- Regularly Monitor and Test Networks -- Maintain an Information Security Policy -- Reality Bites -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 3: Data Life Support System -- Introduction -- Concept -- Lessons Learned -- Layered Defenses -- 24/7 Monitoring -- Physical Security -- Incident Response -- Blood Life-Cycle Management -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 4: An Integrated Cyber/InfoSec Strategy -- Introduction -- Components of an Effective Strategy -- Data Privacy -- Cyber Security -- External Attack Surface Reconnaissance -- Information Gathering -- PCI DSS Applicable Controls - External Technologies -- Information Security -- Physical Security -- Resilience -- What Is Resilience? -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 5: The Importance of Risk Management -- Introduction -- What Is a Risk Assessment? -- Background -- Scenario Development -- Think Like an Attacker -- Risk Scenarios -- Risk Assessment Process -- Reality Bites -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 6: Risk Management vs. Compliance - The Differentiator -- Introduction -- PCI DSS Is Not a Legal Requirement...
-- ...But Should Be a Business Requirement? -- Concept -- How Is This Achieved? -- Qualitative vs. Quantitative Risk Assessment -- Qualitative Risk Assessments -- Quantitative Risk Assessments -- Risk Appetite/Tolerance -- Case Studies -- Case Study 1: Telephone-Based Payments Risk Balance Case -- Case Study 2: Enhanced PCI DSS Program Through Integration into Enterprise Risk Management (ERM) -- Reality Bites -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 7: PCI DSS Applicability -- PCI DSS Overview -- Introduction -- The Precious Cargo -- Structure of a Payment Card -- Precious Cargo Categories -- Front of Payment Card Breakdown -- Rear of Payment Card Breakdown -- Personal Identification Number (PIN)/PIN Blocks -- CHD Storage …
- Publisher Details:
- Berkeley, CA : Apress
- Publication Date:
- 2020
- Extent:
- 1 online resource (549 p.)
- Subjects:
- 005.8
- Computer security
- Electronic books
- Languages:
- English
- ISBNs:
- 9781484258088
- 1484258088
- Related ISBNs:
- 9781484258071
- Notes:
- Note: Includes bibliographical references and index.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.506290
- Ingest File:
- 03_081.xml