PCI Security Standards Council
The Payment Card Industry (PCI) Security Standards Council website isn’t a security website per se, but it is full of very useful and helpful security information related to the most far-reaching and comprehensive industry security standard today — the PCI Data Security Standard (DSS). PCI DSS is applicable to any organization that processes, transmits, or stores payment card data — whether it handles one transaction or one million transactions — so it is very likely that your organization or your clients are subject to or affected by PCI DSS in some way.
Check out the PCI Standards and Documents, Training, and News and Events tabs on the PCI website for useful resources such as incident response templates, self-assessment questionnaires, WiFi security guidelines, encryption and tokenization information, and secure virtualization tips. These resources are specific to PCI DSS, but since most data protection standards and regulations are based on security best practices, this isn’t a bad place to go for good security information.
If you aren’t familiar with PCI DSS, go to Chapter 12 (all about Legal, Regulations, Investigations, and Compliance) — go directly to Chapter 12. Do not pass Go, do not collect 200 dollars, and do not schedule your CISSP exam until you’ve read and understand Chapter 12 and can spell PCI frontwards and backwards while doing handstands blindfolded on a high wire!