Identity theft has been steadily rising in recent years, and credit card data is one of the top targets for identity theft. With a few pieces of key information. Organized crime has made malware development and computer networking attacks more professional, and better defenses are necessary to protect against attack. The credit card industry established the PCI Data Security standards to provide a baseline expectation for how vendors, or any entity that handles credit card transactions or data, should protect data to ensure it is not stolen or compromised. This book will provide the information that you need to understand the PCI Data Security standards and how to effectively implement security on the network infrastructure in order to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information.

- PCI Data Security standards apply to every company globally that processes or transmits credit card transaction data
- Information to develop and implement an effective security strategy to keep infrastructures compliant
- Well-known authors have extensive information security backgrounds
About the author
Dr. Anton Chuvakin is a recognized security expert in the field of log
management and PCI DSS compliance. He is an author of the books "Security Warrior" and "PCI
Compliance" and has contributed to many others, while also publishing dozens of papers on
log management, correlation, data analysis, PCI DSS, and security management. His blog
(http://www.securitywarrior.org) is one of the most popular in the industry.
Additionally, Anton teaches classes and presents at many security conferences across the world
and he works on emerging security standards and serves on the advisory boards of
several security start-ups. Currently, Anton is developing his security consulting practice,
focusing on logging and PCI DSS compliance for security vendors and Fortune 500 organizations.
Anton earned his Ph.D. from Stony Brook University.
Contents
1: Foreword
2: Introduction
3: Why PCI Is Important
4: Build & Maintain a Secure Network
5: Protect Cardholder Data
6: Vulnerability Management
7: Strong Access Control
8: Logging Access & Events
9: Monitor & Test
10: Monitoring Information Security Policy
11: How to Plan a Project to Meet Compliance
12: Leveraging PCI Compliance efforts with other Compliance Requirements
13: Responsibilities
14: Preparing to Fail Your First Test
15: You're Compliant, Now What