7 Essential Resources on PCI DSS Security

Note from the Editor: This article was originally published in February 2017. It has been updated with resources current to PCI DSS version 3.2.1.

Did you know that 80% of organizations are not compliant with PCI DSS requirements? That means, if you’re reading this, there’s a pretty good chance your company needs to make adjustments to ensure a fully compliant payment processing infrastructure.

PCI DSS compliance doesn’t happen overnight, and maintaining compliance year after year can be even more difficult. In fact, only 29% of companies surveyed were in compliance a year after validation. With these statistics in mind, we’ve compiled a collection of the best PCI DSS security and compliance resources to help you become and stay compliant, even as new standards are rolled out.

1. PCI DSS Quick Reference Guide [PDF]

This PDF guide provides a comprehensive overview of PCI DSS version 3.2.1 requirements, necessary security controls and processes, instructions on how to comply with PCI DSS and a list of trusted resources. Published by the PCI Security Standards Council, it’s authoritative and comprehensive.

Why we love it:
For anyone just beginning their research on PCI DSS, this guide is a great place to start. Keep in mind, the PCI Security Standards Council typically releases a new guide when the next version of requirements is confirmed. Check their website for the most up-to-date version and further resources.

2. Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions [Book]

Voted among the Best Business and Leadership Books of 2018 on Amazon, Slava Gomzin's book is a must-have guide for anyone responsible for securing credit and debit card transactions, and offers an inside look at how these systems can be hacked. To beat the enemy, you must know the enemy.

Why we love it:
In the last few years POS hacks have become more prevalent (Orbitz, Huddle House, and EatStreet, for example). With a reader rating of 4.3 out of 5 stars, this book provides real and actionable solutions on how to achieve better security at the point of sale.

3. The Hacker Playbook 3: Practical Guide To Penetration Testing [Book]

This resource goes above and beyond PCI DSS compliance to teach security professionals how to protect against hacking through the game of penetration hacking and hands-on examples. Packed with new materials and described by readers as a “must have” “masterpiece”, this top-rated book made our list of recommended PCI DSS security resources for good reason.

Why we love it:
This step-by-step guide is top-rated, and takes a unique approach to preventative security, helping readers better understand all the ways their infrastructure could be compromised. Author Peter Kim is an information security expert and researcher, and this third edition of The Hacker Playbook expands on and updates his previous releases.

4. Validation Requirements [Infographic]

Are you a visual learner? Then this infographic is a great place to start when looking to understand PCI DSS validation requirements.

Why we love it:
The chart is straightforward, allowing anyone to quickly understand which validation requirements their organization falls under.

5. Reduce PCI DSS Scope [SlideShare]

Most PCI DSS compliant businesses are looking to minimize the cost and effort that comes with PCI DSS compliance. Fortunately, there are a few key ways to reduce the scope of PCI DSS, and this helpful SlideShare explains them.

Why we love it:
While this SlideShare was originally released for PCI DSS version 3.1, we find that the tips and tricks for reducing PCI DSS overhead, beginning on slide 23, carry over to version 3.2.1. Reducing PCI DSS scope is a very important aspect of PCI DSS compliance, and can greatly help to reduce the costs dedicated to maintaining compliance.

6. PCI DSS Compliance Made Easy [Video]

In this 3-minute video, a small business owner explains how PCI DSS compliance affects him, his customers, and his business. He also explains the important risks of non-compliance.

Why we love it:
PCI DSS compliance applies to so many types of businesses, and the importance of these regulations can easily be missed by small business owners focusing on day-to-day operations. This video takes a personable, engaging approach to PCI DSS compliance.

Looking for more videos? Try the 5-minute "What is PCI DSS? A Brief Summary of the Standard."

7. Acquirers: How to Give Your PCI DSS Compliance Program a Tune Up [Infographic]

If you’re confident that your organization is already meeting PCI DSS compliance, this infographic is for you. Learn four ways you can give your PCI DSS compliance program a tune-up to ensure ongoing compliance in years to come.

Why we love it:
In a sea of resources on “what is PCI DSS” and the basics to becoming compliant, this infographic speaks to those organizations that have moved past that stage in their compliance.

Want more PCI DSS compliance resources? Check out our new guide on how GoAnywhere Managed File Transfer helps to make PCI DSS compliance easy.
