The document summarizes 8 common myths about PCI compliance and security. The myths are that [1] PCI does not apply, [2] PCI is too confusing, and [3] PCI is too hard. Other myths are that [4] data breaches prove PCI is irrelevant, [5] PCI only involves self-assessment questionnaires and scans, [6] tools and networks can be PCI compliant, [7] PCI is sufficient for security, and [8] non-compliance will not negatively impact businesses. The document provides realities to counter each myth, noting PCI requirements and potential consequences of non-compliance.