Even Though target already had current policies in place six months prior to

Even though target already had current policies in

This preview shows page 2 - 5 out of 17 pages.

Even Though , target already had current policies in place, six months prior to hackers getting into their security system . They had began a $1.6 million malware detection tool they purchased from a computer security firm called FireEye. Even with this billion dollar infrastructure, which was much more extensive than other retailers. It still couldn't do much for the company because, target failed to act upon their finding in the new security system. Hackers were eventually able to infiltrate Target’s network by using an HVAC. When they gained access, they installed a pair of malware programs. They then sent malware
designed to steal credit card numbers to cashier stations in every domestic Target store. November 30, 2013, FireEye was alerted to the presence of the malware. Target’s security teams in Bangalore were immediately notified of the potential breach. FireEye had the ability to automatically disable the malware, but Target had turned this feature off. By target turning the feature off, they no longer had any way of being alerted so FireEye also alerted Target on December 2 after hackers released a new version of malware. (Adkins, 2014) Based on the evaluation, the best approach to targets security system . Is to come up with a security system that alerts the user immediately giving the middle man the op- portunity to find a quick solution to the breach and putting a stop to it right away. There are several key leaders since confidentiality is a important factor , it is essential to have designated a security officer who would be responsible for coordinating and executing the program that would protect customers information . This security officer would also report to someone outside of the organization to make sure everything is secure and in line. The officer would also offer classes to current employees , by teaching them how to detect a potential threats to the organization. Thats why it is important develop a risk assessment team who would manage the security program. This team would be one the most important key factors to the organiza- tion because they would identify the risk and would ultimately decide on the appropriate,
most cost effective ways to manage them. The main objective would be to minimize po- tential threats , but not eliminate them . To insure integrity in the organization and to pre- vent data integrity failure an alerting system would be put into place. This system will be designed to detect potential threats, and give the risk assessment team options on how to get rid of the threats. Target already has had a bad reputation with immediate response to the breaches. They also claimed that it had suffered a data breach despite its best efforts, but it was later revealed that it had been alerted more than once about breaches. It was said Target also waited six days after it was informed to tell consumers about the hacking attack, and about a month before it revealed the extent of it. More than 90 lawsuits have been filed against Target by both customers and banks, and Target's profit during the holiday shop- ping period dropped 46 percent from the previous year.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture