In order to be compliant with Payment Card Industry Data Security Standard (PCI DSS), one of the control objectives that should be included in one's security policies and controls is building and maintaining a secure network. The reason for this is as follows:to have a specific firewall, system password, and other security network layer controlsto specify how to maintain secure systems and applications, including the required use of antivirus softwareto require monitoring access to cardholder and periodic penetration testing of the networkto require that security policies reflect the PCI DSS requirements, and that these policies are kept current and an awareness program is implemented

In order to comply with the Payment Card Industry Data Security Standard (PCI DSS), it is essential to include the objective of building and maintaining a secure network in your security policies and controls. This is necessary for several reasons:

1. To establish a specific firewall, system password, and other security network layer controls: These measures are crucial in protecting cardholder data from unauthorized access and potential breaches.

2. To specify how to maintain secure systems and applications, including the required use of antivirus software: This ensures that your systems and applications are always up-to-date and protected against the latest threats.

3. To require monitoring access to cardholder and periodic penetration testing of the network: Regular monitoring and testing can help identify potential vulnerabilities and fix them before they can be exploited.

4. To require that security policies reflect the PCI DSS requirements, and that these policies are kept current and an awareness program is implemented: This ensures that all employees are aware of the importance of data security and are trained in the latest best practices.

By implementing these measures, you can ensure that your organization is compliant with PCI DSS and that your customers' cardholder data is secure.