Which goal focuses on protecting cardholder data?

The goal that focuses on protecting cardholder data is Goal 3. This goal emphasizes the necessity of protecting stored cardholder data and encrypting transmission of cardholder data across open and public networks. It outlines specific requirements to ensure that sensitive information is safeguarded against unauthorized access and exposure.

In the context of PCI DSS, Goal 3 is critical because it directly addresses the security measures needed to preserve the confidentiality and integrity of cardholder data, which is fundamental to maintaining trust in payment systems. This goal also encompasses practices like data retention policies and secure handling procedures, ensuring that the data remains protected throughout its lifecycle.

Understanding the specific requirements of Goal 3 is vital for entities that process, store, or transmit cardholder data, as it defines the necessary protocols and controls required to protect this sensitive information effectively.