PCI DSS : an integrated data security standard guide /

Gain a broad understanding of how PCI DSS is structured and obtain a high-level view of the contents and context of each of the 12 top-level requirements. The guidance provided in this book will help you effectively apply PCI DSS in your business environments, enhance your payment card defensive pos...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Seaman, Jim
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Berkeley, CA : Apress, 2020.
Temas:
Computer security.
Computer Security
Sécurité informatique.
Computer security
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)

MARC

LEADER 00000cam a2200000 a 4500
001 OR_on1153844850
003 OCoLC
005 20231017213018.0
006 m o d
007 cr un|---aucuu
008 200509s2020 cau ob 001 0 eng d
040 |a EBLCP  |b eng  |e pn  |c EBLCP  |d GW5XE  |d EBLCP  |d LQU  |d UPM  |d OCLCF  |d TEFOD  |d UKAHL  |d AUD  |d OCLCO  |d OCLCQ  |d COM  |d OCLCQ  |d OCLCO 
019 |a 1155882974  |a 1156779311  |a 1157252713  |a 1157691299  |a 1158325544 
020 |a 9781484258088  |q (electronic bk.) 
020 |a 1484258088  |q (electronic bk.) 
020 |z 9781484258071 
024 7 |a 10.1007/978-1-4842-5808-8  |2 doi 
024 8 |a 10.1007/978-1-4842-5 
029 1 |a AU@  |b 000068658702 
035 |a (OCoLC)1153844850  |z (OCoLC)1155882974  |z (OCoLC)1156779311  |z (OCoLC)1157252713  |z (OCoLC)1157691299  |z (OCoLC)1158325544 
037 |a 0406E1FE-2B0A-45E2-ABA0-E8EB7E9B0BF7  |b OverDrive, Inc.  |n http://www.overdrive.com 
050 4 |a QA76.9.A25 
072 7 |a UR  |2 bicssc 
072 7 |a COM053000  |2 bisacsh 
072 7 |a UR  |2 thema 
082 0 4 |a 005.8  |2 23 
049 |a UAMI 
100 1 |a Seaman, Jim. 
245 1 0 |a PCI DSS :  |b an integrated data security standard guide /  |c Jim Seaman. 
260 |a Berkeley, CA :  |b Apress,  |c 2020. 
300 |a 1 online resource (549 pages) 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a text file 
347 |b PDF 
588 0 |a Print version record. 
505 0 |a Intro -- Table of Contents -- About the Author -- About the Technical Reviewer -- Introduction -- A Tribute To -- Chapter 1: An Evolving Regulatory Perspective -- Introduction -- Revolution or Evolution? -- Europe -- Canada -- United States -- Australia -- China -- Japan -- Argentina -- Malaysia -- Brazil -- India -- Financial Services -- Data Privacy Hierarchy -- PCI DSS Validation Requirements -- Recommendations -- Behaviors -- Leadership -- Consent or Legitimate Use -- Conclusion -- Key Takeaways -- Risks -- Chapter 2: The Evolution of PCI DSS 
505 8 |a Associated Costs (Non-compliance/Data Breach) -- Introduction -- PCI DSS Controls Framework Architecture -- Primary (Core) Ring -- Secondary Ring -- Tertiary Ring -- Quaternary Ring -- Quinary Ring -- Senary (Outer) Ring -- Historic References -- Build and Maintain a Secure Network -- Protect Cardholder Data -- Maintain a Vulnerability Management Program -- Implement Strong Access Control Measures -- Regularly Monitor and Test Networks -- Maintain an Information Security Policy -- Reality Bites -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 3: Data Life Support System 
505 8 |a Introduction -- Concept -- Lessons Learned -- Layered Defenses -- 24/7 Monitoring -- Physical Security -- Incident Response -- Blood Life-Cycle Management -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 4: An Integrated Cyber/InfoSec Strategy -- Introduction -- Components of an Effective Strategy -- Data Privacy -- Cyber Security -- External Attack Surface Reconnaissance -- Information Gathering -- PCI DSS Applicable Controls -- External Technologies -- Information Security -- Physical Security -- Resilience -- What Is Resilience? -- Recommendations -- Conclusion 
505 8 |a Key Takeaways -- Risks -- Chapter 5: The Importance of Risk Management -- Introduction -- What Is a Risk Assessment? -- Background -- Scenario Development -- Think Like an Attacker -- Risk Scenarios -- Risk Assessment Process -- Reality Bites -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 6: Risk Management vs. Compliance -- The Differentiator -- Introduction -- PCI DSS Is Not a Legal Requirement ... -- ... But Should Be a Business Requirement? -- Concept -- How Is This Achieved? -- Qualitative vs. Quantitative Risk Assessment -- Qualitative Risk Assessments 
505 8 |a Quantitative Risk Assessments -- Risk Appetite/Tolerance -- Case Studies -- Case Study 1: Telephone-Based Payments Risk Balance Case -- Case Study 2: Enhanced PCI DSS Program Through Integration into Enterprise Risk Management (ERM) -- Reality Bites -- Recommendations -- Conclusion -- Key Takeaways -- Risks -- Chapter 7: PCI DSS Applicability -- PCI DSS Overview -- Introduction -- The Precious Cargo -- Structure of a Payment Card -- Precious Cargo Categories -- Front of Payment Card Breakdown -- Rear of Payment Card Breakdown -- Personal Identification Number (PIN)/PIN Blocks -- CHD Storage 
500 |a Accessing Applicability 
504 |a Includes bibliographical references and index. 
520 |a Gain a broad understanding of how PCI DSS is structured and obtain a high-level view of the contents and context of each of the 12 top-level requirements. The guidance provided in this book will help you effectively apply PCI DSS in your business environments, enhance your payment card defensive posture, and reduce the opportunities for criminals to compromise your network or steal sensitive data assets. Businesses are seeing an increased volume of data breaches, where an opportunist attacker from outside the business or a disaffected employee successfully exploits poor company practices. Rather than being a regurgitation of the PCI DSS controls, this book aims to help you balance the needs of running your business with the value of implementing PCI DSS for the protection of consumer payment card data. Applying lessons learned from history, military experiences (including multiple deployments into hostile areas), numerous PCI QSA assignments, and corporate cybersecurity and InfoSec roles, author Jim Seaman helps you understand the complexities of the payment card industry data security standard as you protect cardholder data. You will learn how to align the standard with your business IT systems or operations that store, process, and/or transmit sensitive data. This book will help you develop a business cybersecurity and InfoSec strategy through the correct interpretation, implementation, and maintenance of PCI DSS. You will: Be aware of recent data privacy regulatory changes and the release of PCI DSS v4.0 Improve the defense of consumer payment card data to safeguard the reputation of your business and make it more difficult for criminals to breach security Be familiar with the goals and requirements related to the structure and interdependencies of PCI DSS Know the potential avenues of attack associated with business payment operations Make PCI DSS an integral component of your business operations Understand the benefits of enhancing your security culture See how the implementation of PCI DSS causes a positive ripple effect across your business. 
590 |a O'Reilly  |b O'Reilly Online Learning: Academic/Public Library Edition 
650 0 |a Computer security. 
650 2 |a Computer Security 
650 6 |a Sécurité informatique. 
650 7 |a Computer security  |2 fast 
776 0 8 |i Print version:  |a Seaman, Jim.  |t Pci Dss : An Integrated Data Security Standard Guide.  |d Berkeley, CA : Apress L.P., ©2020  |z 9781484258071 
856 4 0 |u https://learning.oreilly.com/library/view/~/9781484258088/?ar  |z Texto completo (Requiere registro previo con correo institucional) 
938 |a Askews and Holts Library Services  |b ASKH  |n AH37506402 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL6190200 
994 |a 92  |b IZTAP 

Ejemplares similares