Case Study on PCI DSS Noncompliance: CardSystems Solutions
Preparation
This assignment requires you to complete Lab 3 in your lab manual, Laboratory Manual to Accompany Legal Issues in Information Security. In a face-to-face courseroom, you might write your assignment in a paper-based copy of this lab manual and tear it out to give to your instructor. However, in this online course, you will only use the lab as a starting point. Do not create the files as indicated in the lab. Instead, read the lab information or case study, then complete the assignment as outlined below, using a Word document for your assignment submission.

Instructions
In your lab manual, complete the following:

Grama, J. L. (2015). Laboratory manual to accompany Legal Issues in Information Security, Version 2.0 (2nd ed.). Burlington, MA: Jones & Bartlett.
Lab 3, “Case Study on PCI DSS Non-compliance: CardSystems Solutions,” page 18.
Complete the following sections of the lab:

Introduction.
Hands-On Steps.
Note: the Hands-On Steps provide a starting point for your research, but the requirements of this assignment are defined below.
Next, complete the following research:

Conduct your own independent research online to find a real-world case study on Payment Card Industry Data Security Standard (PCI DSS) noncompliance.
Always record the citations for your resources, including the URLs for online materials. You will provide them in reference lists for your assignments.
Requirements
For this assignment, address the following:

Explain the implications of the case study from the field of information security that you located online.
Remember to provide the URL for the case study.
Analyze the case study in the lab manual.
Identify the privacy data breach that occurred.
Explain if CardSystems Solutions broke any laws.
Assess the auditor's findings.
Determine if CardSystems Solutions can or should sue the auditor.
Determine which party was negligent.
Evaluate the actions of the Federal Trade Commission.
Did the actions of CardSystems Solutions warrant an unfair trade practice designation?
Recommend PCI DSS-compliant mitigation strategies to prevent the same thing from happening again.
Use a minimum of three professional resources to support your statements in this assignment. Be sure to cite your sources correctly, following APA guidelines.

Additional Requirements
Formatting guidelines: Include a title page and references page.
Length: 24 pages, not including the title page and references page.
Number of resources: Use at least 3 scholarly and/or professional sources.
Reference format: Use APA style and format for citations and references.
Font: Times New Roman, 12-point font, double-spaced.
Refer to the assignment scoring guide to ensure you have addressed all of the evaluation criteria for this assignment.

Submit your assignment as a Word document in the assignment area.