We are excited to share that SecurityMetrics was named a winner of the Global InfoSec Awards during RSA Conference 2022 for Most Innovative Cybersecurity Book.
“SecurityMetrics embodies three major features we judges look for to become winners: understanding tomorrow’s threats, today, providing a cost-effective solution and innovating in unexpected ways that can help mitigate cyber risk and get one step ahead of the next breach,” said Gary S. Miliefsky, Publisher of Cyber Defense Magazine.
The PCI Guide is an ongoing, collaborative effort, with recommendations and original research from the SecurityMetrics Audit, Penetration Testing, Forensics, Support, and Executive teams.
SecurityMetrics Audit Director, Matt Halbleib (CISSP, CISA, QSA), said, "We publish our guide to give businesses of all sizes a tool to understand and organize their PCI compliance efforts. Maintaining PCI compliance in an environment-specific way helps businesses protect their data, detect breaches, and keep cybercriminals off their network."
The seventh edition of the PCI DSS Guide has been updated to include:
- Insight into PCI DSS 4.0 requirement changes
- Tips for applying the PCI DSS in a cloud environment
- Information on e-commerce attacks including iFrame hacks
- Interactive IT checklists for each requirement
- Brand new PCI compliance customer data
- Tips and experiences from PCI Auditors (QSAs)
“Businesses who utilize the Guide to PCI DSS Compliance can better organize their compliance efforts and understand the way PCI compliance requirements affect cybersecurity. On top of that, the PCI Guide is a great training tool when assigning new resources to your PCI compliance effort,” said SecurityMetrics VP of Assessments Gary Glover (CISSP, CISA, QSA).
Becoming PCI DSS Compliant reduces the risk of a data breach
Payment Card Industry (PCI) compliance is required for any organization that takes payment cards. The PCI Data Security Standard (PCI DSS) includes 12 data security requirements that merchants must follow. Service providers must also comply with the PCI DSS, as well as follow some additional requirements on top of those that apply to merchants.
Businesses of all sizes are tasked with PCI DSS compliance. Many variables come into play while working toward this goal: available resources, time, technology, and information security experience. Our PCI Guide helps organizations maintain PCI compliance standards so that they are less likely to experience data breaches.
How can you use the SecurityMetrics Guide to PCI DSS Compliance?
Because the SecurityMetrics Guide to PCI DSS Compliance is a simple breakdown of PCI DSS, it can be a great starting point for employees who are new to PCI compliance or even cybersecurity. You can easily use this guide in workforce training or new hire training. While there may be sections of the guide that aren’t relevant for everyone, it is designed to be a reference guide so you can focus on what you need or what would be helpful to your organization.
In addition to training, you can use this guide to explain the importance of and purpose behind PCI compliance to executives. The SecurityMetrics Guide to PCI DSS Compliance contains budgetary breakdowns, real-world examples of data breaches and solutions, current statistics, infographics, and expert advice so that you can easily demonstrate the importance of cybersecurity and PCI compliance.
What organizations say about our guide
Every PCI manager should have a copy of the SecurityMetrics Guide to PCI DSS Compliance at their desk. Whether it’s to answer questions from your merchants, complete your own PCI compliance validation, or keep up with current data breach trends, this guide is a great resource.
Jean Gerritsen, AVP Card Services, NCMIC Group, Inc.
The SecurityMetrics Guide to PCI DSS Compliance is a one-stop guide to ensuring your organization is PCI DSS compliant. This is the best comprehensive guide I've found.
Brenda Clark, Compliance and Security Manager, NTT America, Inc.
SecurityMetrics is our trustworthy partner when we have to make our annual PCI compliance process successful. They are dedicated in the PCI realm and always provide the detailed information, training, and assistance that make achieving compliance simple and easy.
Georgi Kirov, CEO, SWICS Ltd
SecurityMetrics PCI DSS Guide provides a very pragmatic method to understand and implement PCI DSS compliance.
Thierry Bricman, Head of Implementation, MFTEL Services
The guide all should follow.
Steven Cilento, Owner, Jersey's Best Home Inspection LLC
The most comprehensive guide to PCI DSS compliance.
Ana Tremblay, Managing Director, Algonquin Travel TravelPlus
If you want to cut through the complicated descriptions and consultant-ese explanations, this is the guide to read.
Rodolfo Peña García, Senior Security Consultant, Energywise
The guide is useful and practical for year on year re-certification.
Lee Kin Hong, General Manager, ManagePay Resources