Based on the benefit of hindsight, discuss how you would manage security at Target differently in order to prevent the intrusion or quickly detect and isolate the intrusion.
From the article written by (2014) it is evident that the data breach experienced at Target is a self-inflicted security issue owing to instances of ignorance. Information security threat detection devices alerted Target regarding the firm’s vulnerability to an unidentified malware or infected worm within the company’s network system software processor. Instead of acing on the warning, Target ignored the security issue as mild, leading to the eventual data breach that almost crippled the company’s information management system.
Target’s data breach is evidence of what happens to companies that ignore the security policies and management systems they set, especially when it comes to data management. Instead of ignoring the initial warning concerning the existence of malware in their system effective security management calls for the evaluation of all potential security threats, regardless of their severity. In fact. Information management does not have security threats that can be ignored and assumed as inconsequential. It is important to take every potential threat seriously and act on it with haste to prevent any dire eventualities like the one that affected Target.
Even after the data breach had occurred, affecting thousands of its customers, Target wen on to downplay the severity of the data breach. Apart from rapid response, early notification of all individuals affected by a security breach is important. The poor management of the entire data breach incident is reflective of the poor management at Target at the time. When addressing issues of insecurity in data management, leaders should adopt a decisive approach that allows them to make hasty decisions to prevent any further spread of the breach.
Identify and explain policies, procedures and any technical controls that you would implement either to prevent or mitigate the breach.
The maintenance of safe data handling is not an easy task, especially in this modern age where hackers and other cyber-criminals are always advancing their skills. As such, institutions that use or handle information should ensure to remain up to date with the best policies and practices aimed at maintaining data security.
Effective and frequent training of information management security re mains the most important policy any organization could adopt. The training allows individuals, mostly employees and customers to equip themselves with the right tool and strategies required to identify, respond, and even prevent data breaches (Smallwood, 2019). It is also important to note that technology changes with each new day. Therefore, organizations should also consider having yearly training sessions to ensure that stakeholders maintain the updated version of data security awareness.
Setting up data security tools is not enough when talking about information security. The most important ting is to ensure the effective implementation of all data protection strategies and policies. In Target’s case, they had the right malware detection technology but failed in the implementation phase because instead of acting of the warning, the company simply ignored the alerts.
The performance of regular vulnerability assessments is also important n the maintenance of information security (Smallwood, 2019). Most data protection technologies tend to fail or exposure. As such, it is up to the data managers to ensure that all the necessary changes and updates are made, and on time, to ensure that ackers do not take advantage of system weaknesses.
Every company managing the personal information of clients should develop a data beach response plan that informs their reaction to issues of information insecurity (Smallwood, 2019). A data breach response plan makes it easier and much more effective for organizations to respond and deal with data breaches in a more streamlined and hasty manner, which is important in the reduction of the extent of the data breach. If Target had a data breach response plan, the company would have been more effective in responding to its data breach, not only limiting the extent of the breach but also acting fast to secure the identity and privacy of clients whose information had already been exposed.
Schwartz, M. (2014). Target Ignored Data Breach Alarms. Retrieved from https://www.darkreading.com/attacks-and-breaches/target-ignored-data-breach-alarms/d/d-id/1127712Smallwood, R. F. (2019). Information governance: Concepts, strategies, and best practices. Hoboken, New Jersey: John Wiley & Sons, Inc.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more