PCI DSS and SANS TOP 20 Critical Security Controls - Where and how large are the overlaps and gaps?

Document created by dgodart on Jun 6, 2012. Last modified by dgodart on Jul 9, 2012.
Version 3

The PCI Data Security Standard (PCI DSS) and the SANS Top 20 Critical Security Controls each describe the minimum set of security measures that one should consider implementing for an effective defense against known attacks. This document identifies and measures the areas of overlap (matches) and the areas of deviation (gaps) found when comparing these standards against each other.