PCI Compliance:
Understand and Implement Effective PCI Data Security Standard Compliance
3e—updated for PCI DSS 2.0 (Click the book to buy!)

“Take the time to have some fun, initially read cover to cover, and then come back, as this is a solid reference as you mature your own organization in the never- ending battle of protecting global credit card commerce.” John Graham, Vice President Global Information Assurance and Risk, First Data.

“Finally we have a solid and comprehensive reference for PCI. This book explains in great detail not only how to apply PCI in a practical and cost-effective way, but more importantly why.” Joel Weise, Information Systems Security Association (ISSA) founder and chairman of the ISSA Journal Editorial Advisory Board

What This Book is About:
If you are like most information technology and information security professionals, the idea of becoming compliant with PCI DSS or countless other regulations does not sound like much fun. It is much more common to associate compliance efforts with the other extreme—and that is PAIN. Whether it is the pain of not knowing what to do, pain of failing your first assessment or pain of complying on a $0 budget, there are plenty of challenges that earned compliance—and PCI DSS compliance in particular—that mental connection with pain.

Thus the author team faces the seemingly impossible challenge: to write a fun, useful and insightful book about PCI DSS. We realize all the difficulties of achieving this, and we are committed to the challenge. And we’d like to invite you, our reader, to travel with us in the hopes that when you turn the last page, you would come to realize that PCI DSS compliance can indeed be (YES) fun!

How to Use the Book in Your Daily Job:
You can use the book during the entire lifecycle from complete PCI unawareness to ultimate security and compliance enlightenment. Specifically, you can use it to:

  • Learn what PCI DSS is and why it is here to stay
  • Figure out how it applies to you and your organization
  • Learn what to do about each of the 12 main requirements to get compliant
  • Gain knowledge about dealing with PCI assessors and how to make your compliance validation as painless as possible
  • Learn how to plan and manage a PCI DSS compliance project
  • Understand all the technologies referenced by PCI DSS
  • Understand what Visa and MasterCard really want from you
  • Get the best experience out of what can be seen as a painful assessment process
  • Build your plans even if you are a small business

Book materials:

“PCI Compliance” book reviews:

Useful PCI DSS materials:

Papers by the authors on PCI DSS:

Presentations by the authors on PCI DSS:

PCI DSS Videos:
This section contains videos of exciting PCI DSS compliance discussions – with the PCI book authors playing a role:

PCI DSS tips:

Meet the authors: