Navigating Through Choppy Waters of PCI DSS Compliance


Amrita Nanda (University at Buffalo, USA), Priyal Popat (University at Buffalo, USA) and Deepak Vimalkumar (University at Buffalo, USA)
DOI: 10.4018/978-1-5225-5634-3.ch053


The PCI Data Security Standard is increasingly becoming one of the major compliance requirements that all organizations are concerned about. Taking a holistic approach, this chapter provides an overview of the various components of PCI DSS. We discuss the various versions of PCI DSS and the industries affected by this standard, the scope and requirements for compliance, and the hesitation on the part of most companies to adopt it. We also look at the high-profile credit card breaches that have occurred recently and their impact on the industries concerned. Additionally, we focus on the challenges financial institutions face in effectively meeting PCI DSS requirements. Based on our analysis of the different requirements of PCI DSS, the challenges faced by organizations, and recent security breaches of companies that were PCI DSS compliant at the time of breach, we propose recommendations to help organizations secure their cardholder data beyond the compliance they have achieved.
Chapter Preview

2. Literature Review

PCI DSS compliance doesn’t ensure that a company is secured against all kinds of attacks. This makes the study interesting, as more and more companies are investing more in becoming compliant even though compliance doesn’t guarantee results per se. Many researchers have studied the way PCI DSS affects an organization’s overall posture towards security, and the following section reviews their studies in relation to the contribution we make in this chapter. We have categorized the literature studies into 5 areas, as shown below:
