PCI DSS is an important challenge not only for U.S. Retailers, but also for any organization that holds, processes or passes cardholder data from any of the participating branded cards. Retailers that fail Payment Card Industry Data Security Standard (PCI DSS) assessments can be fined up to $500,000. Additional penalties can range from increased assessment requirements to retraction of credit card processing privileges. Generally, retailers that process over 20,000 credit card transactions per year must fill out an annual self-assessment and conduct quarterly network scans by an approved vendor. Retailers that process over 6 million credit card transactions per year are also subject to annual on-site assessments. While on the surface the PCI standard seems straight forward, upon deeper inspection in preparation for an on-site assessment, compliance can become more complicated. A few strategic security investments at the network and application layer security can significantly simplify PCI DSS compliance, while maintaining cost-efficiency. This paper highlights top reasons for assessment failure or security breach, and outlines a better way to secure your payment card infrastructure.