Assignment: Your Role as an Advisor- Class Action Case of Information Security Manager
Case Overview:
You work for a fast food company with multiple outlets as the Information Security Manager. Our company is based in California.
The company lawyer wants your technical viewpoint on a class action law suit that they have just received.
This class action case involves at least 355,000 customers of the fast food restaurant chain that had their payment card data and other personally identifiable information stolen by computer hackers. It is alleged that we failed to upgrade our payment systems to use EMV technology and failed to comply with FTC requirements. It is also alleged that after computer hackers used malware to access the POS systems of approximately 500 of the chain's locations, we failed to provide timely, accurate or adequate notice to our customers that their information was stolen.
Task:
1) What is EMV technology?
2) What regulatory requirements exist pertaining to the types of payment technology consumer companies should be using?
3) What should we have done to prevent our customer's payment data from being stolen through the malware attack?
4) When customer payment data is hacked, what duty does the company have, if any, to inform them of the data breach?
5) There have been similar cases, in or closely related to the fast food field, what were the outcomes?
6) What training should we give our staff to prevent this from happening again?
Format your assignment according to the following formatting requirements:
(1) The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
(2) The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
(3) Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.