PCI Compliance, 5/e (Paperback)

The Payment Card Industry Data Security Standard (PCI DSS) is now in its 18th year, and it is continuing to dominate corporate security budgets and resources. If you accept, process, transmit, or store payment card data branded by Visa, MasterCard, American Express, Discover, or JCB (or their affiliates and partners), you must comply with this lengthy standard.

Personal data theft is at the top of the list of likely cybercrimes that modern-day corporations must defend against. In particular, credit or debit card data is preferred by cybercriminals as they can find ways to monetize it quickly from anywhere in the world. Is your payment processing secure and compliant? The new Fifth Edition of PCI Compliance has been revised to follow the new PCI DSS version 4.0, which is a complete overhaul to the standard. Also new to the Fifth Edition are: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as Kubernetes, cloud, near-field communication, point-to-point encryption, Mobile, Europay, MasterCard, and Visa. This is the first book to address the recent updates to PCI DSS and the only book you will need during your PCI DSS journey. The real-world scenarios and hands-on guidance will be extremely valuable, as well as the community of professionals you will join after buying this book.

Each chapter has how-to guidance to walk you through implementing concepts and real-world scenarios to help you grasp how PCI DSS will affect your daily operations. This book provides the information that you need in order to understand the current PCI Data Security Standards and the ecosystem that surrounds them, how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally identifiable information. Our book puts security first as a way to enable compliance.

• Completely updated to follow the current PCI DSS version 4.0
• Packed with tips to develop and implement an effective PCI DSS and cybersecurity strategy
• Includes coverage of new and emerging technologies such as Kubernetes, mobility, and 3D Secure 2.0
• Both authors have broad information security backgrounds, including extensive PCI DSS experience

「支付卡行業數據安全標準（PCI DSS）」已經進入第18個年頭，並且持續主導企業的安全預算和資源。如果您接受、處理、傳輸或儲存由Visa、MasterCard、American Express、Discover或JCB（或其關聯公司和合作夥伴）品牌的支付卡數據，您必須遵守這個冗長的標準。

個人數據盜竊是現代企業必須防範的頭號網絡犯罪。特別是，信用卡或借記卡數據是網絡罪犯首選，因為他們可以在世界任何地方迅速尋找方法來實現利益。您的支付處理是否安全合規？《PCI合規》第五版已經修訂，以遵循新的PCI DSS 4.0版本，這是對標準的全面改革。第五版新增了額外的案例研究，以及全球維護PCI合規的明確指南和說明，包括對Kubernetes、雲端、近場通訊、點對點加密、移動支付、歐洲支付、MasterCard和Visa等技術的涵蓋。這是第一本涉及最新PCI DSS更新的書籍，也是您在PCI DSS之旅中唯一需要的書籍。實際案例和實用指導將非常有價值，同時您還將加入這本書購買後的專業社群。

每一章都提供了實施概念和實際案例的操作指南，以幫助您了解PCI DSS對日常運營的影響。本書提供了您需要的信息，以便了解當前的PCI數據安全標準及其周邊生態系統，如何有效實施網絡基礎設施的安全以符合信用卡行業的指南，並幫助您保護敏感和可識別個人信息。我們的書籍以安全為先，作為實現合規的途徑。

• 完全更新以遵循當前的PCI DSS 4.0版本


• 提供開發和實施有效的PCI DSS和網絡安全策略的技巧


• 包括對Kubernetes、移動支付和3D Secure 2.0等新興技術的涵蓋


• 兩位作者都具有廣泛的信息安全背景，包括豐富的PCI DSS經驗

Dr. Branden R. Williams has more than twenty-five years of experience as a technology executive where he has served virtually every industry as an information technology and cybersecurity consultant, as well as held high-level executive roles inside banks, other financial services firms, and top cybersecurity and technology vendors. He has been working with PCI DSS, CISP, and SDP since 2004.

Branden's intuitive understanding of how information technology drives business, his use of business intelligence tools to drive revenue and innovation, and his energy and likeable personality have earned him increasing responsibility and respect in the business and academic worlds. Using his keen business insights and ability to communicate with technical and non-technical audiences, he collaborates with executives to analyze, develop, and implement enterprise-wide solutions that support key business initiatives.

Branden has global experience working on six continents as a consultant and practitioner and holds a Masters and Doctor of Business Administration degrees. He teaches graduate-level courses at the University of Dallas as an adjunct and is a sought after speaker and author.

James K. Adamson has assisted clients in the payment security space for over 15 years as a PCI QSA and trusted advisor.

His work has included consulting with hundreds of organizations, ranging from Fortune 100s to startups, across many verticals, including retail, financial, travel, technology, medical, and service providers. He has deep expertise in assessing payment environments, reviewing security architectures and programs, and developing holistic approaches to addressing security and compliance needs.

James approaches compliance with the Payment Card Industry Data Security Standard to ensure that it helps organizations focus on protecting their customers' data, reducing risk, and improving business and security effectiveness.

Dr. Branden R. Williams擁有超過25年的技術執行經驗，他曾擔任過幾乎所有行業的資訊科技和網絡安全顧問，並在銀行、其他金融服務公司以及頂級網絡安全和技術供應商擔任高級執行職位。他自2004年以來一直與PCI DSS、CISP和SDP合作。

Branden對於信息技術如何推動業務的直觀理解，他使用商業智能工具推動收入和創新的能力，以及他的活力和可愛的個性，使他在商業和學術界贏得了越來越多的責任和尊重。他利用自己敏銳的商業洞察力和與技術和非技術觀眾溝通的能力，與高管合作分析、開發和實施支持關鍵業務計劃的企業級解決方案。

Branden在全球六大洲擔任顧問和實踐者，擁有碩士和博士學位。他在達拉斯大學擔任兼職教授，教授研究生課程，並且是一位備受追捧的演講者和作者。

James K. Adamson作為PCI QSA和可信顧問，已在支付安全領域為客戶提供超過15年的協助。

他的工作包括與數百家組織進行咨詢，從財富100強到初創企業，涵蓋零售、金融、旅遊、技術、醫療和服務提供商等多個行業。他在評估支付環境、審查安全架構和計劃，以及制定綜合方法應對安全和合規需求方面具有深厚的專業知識。

James以符合支付卡行業數據安全標準的合規性為出發點，確保它有助於組織集中保護客戶數據、降低風險，並提高業務和安全效能。