Ben Rothke

This book is your go-to reference on how to achieve PCI compliance. With more than 400 PCI requirements, the updated PCI Data Security Standard (PCI DSS) v4.0 does not detail the specific documentation that a PCI auditor―known as a Qualified Security Assessor (QSA)―needs to know. This book is the first reference to detail the specific documentation needed for every PCI requirement. The authors provide real-world examples of complying with the 12 main PCI requirements and clarify many of the… Show more

This book is your go-to reference on how to achieve PCI compliance. With more than 400 PCI requirements, the updated PCI Data Security Standard (PCI DSS) v4.0 does not detail the specific documentation that a PCI auditor―known as a Qualified Security Assessor (QSA)―needs to know. This book is the first reference to detail the specific documentation needed for every PCI requirement. The authors provide real-world examples of complying with the 12 main PCI requirements and clarify many of the gray areas within the PCI DSS.
Any merchant or service provider that stores, processes, or transmits credit card data must comply with the PCI Data Security Standard. PCI DSS 1.0 was first published in 2004, yet many of those tasked with PCI compliance still encounter difficulties when trying to make sense of it. PCI DSS version 4 was published in March 2022, and at 360 pages, it has numerous additional requirements, leaving many people struggling to know what they need to do to comply.

PCI DSS v4.0 has a transition period in which PCI DSS version 3.2.1 will remain active for two years from the v4.0 publication date. Although the transition period ends on March 31, 2024, and may seem far away, those tasked with PCI compliance will need every bit of the time to acquaint themselves with the many news updates, templates, forms, and more, that PCI v4.0 brings to their world.

You will:

Know what it takes to be PCI compliant
Understand and implement what is in the PCI DSS
Get rid of cardholder data
Have everything you need to know about segmenting your cardholder data network
Know what documentation is needed for your PCI compliance efforts
Leverage real-world experience to assist PCI compliance work Show less

I am on the editorial board for the ‘Information Security Journal: A Global Perspective’, the official journal of (ISC)2. This is a bi-monthly highly influential insider's review dealing with the ever-changing security environment and its inherent challenges. It provides essential information for managing the evolving enterprise, with detailed articles on emerging technologies, current trends and innovative solutions.

The Journal's audience is comprised of dedicated professionals… Show more

I am on the editorial board for the ‘Information Security Journal: A Global Perspective’, the official journal of (ISC)2. This is a bi-monthly highly influential insider's review dealing with the ever-changing security environment and its inherent challenges. It provides essential information for managing the evolving enterprise, with detailed articles on emerging technologies, current trends and innovative solutions.

The Journal's audience is comprised of dedicated professionals charged with implementing security programs, as well as those who create and enforce policies and procedures. It is also made up of authors who are experts in their respective areas, submitting timely and visionary perspectives for the education of all. Show less