Cyber Security Case Study
Target US is a retail corporation that provides products or almost every kind, from grocery to fashion and household products at discounted rates (Manworren, Letwat, & Daily, 2016). It is the second largest retail corporation of America and WalMart is its biggest competitor regarding growth rate and quality of products. Target has an online shopping website Target.com where customers can get the products shipped to their homes (Manworren, Letwat, & Daily, 2016).
In 2013, a data breach occurred on the Target.com website. The cyber criminal used a malware and installed it in the point of sale system of the company. As a result, financial details of almost 70 million users were stolen. Almost 50 percent loss in profit (148 million dollars) was faced by Target (Weiss & Miller, 2015). In order to save the reputation of the corporation, target offered free of cost credit card monitoring for the consumers that were affected by the breach. Moreover, 10 percent discount was also announced (Weiss & Miller, 2015). Company spent almost 100 million dollars on innovative technology to ensure secure card processing. Only a month after this breach of online data, the market shares of Target dropped to 56 dollars as compared to the previous 62 dollars. The company faced legal cases from credit card companies and paid penalties to Securities and Exchange Commission and the Federal Trade Commission.
Target deployed a number of security measures to avoid such risks in the future. Some of these are mentioned below:
- White listing of online purchasing app at point of sales (Weiss & Miller, 2015)
- Access of vendor to the server was made limited (Weiss & Miller, 2015)
- Two-factor authentication was introduced and training for password rotation was used (Weiss & Miller, 2015).
- Actualizing improved division, including the advancement of purpose of-offer administration apparatuses (Weiss & Miller, 2015)
- Survey and streamlining of system firewall principles (Weiss & Miller, 2015)
As business manager, will recommend the organization to find the root cause of the problem and solve it immediately in instead of applying temporary solutions. Also, will recommend to increase the awareness of all the employees whatever the position they are working on, in this case the organization will ensure that the number of unaware employee is decreased and they will help to protect the organization from future attacks. Last of all, to prepare the IT department by increasing the trainings and their update to the latest information about information security and also sending them to different seminars for the modern updates in order to be updated and get equipped with what are the recent trends when it comes to any cyber threats.
Weiss, N. E., & Miller, R. S. (2015, February). The target and other financial data breaches: Frequently asked questions. In Congressional Research Service, Prepared for Members and Committees of Congress February (Vol. 4, p. 2015).
Manworren, N., Letwat, J., & Daily, O. (2016). Why you should care about the Target data breach. Business Horizons, 59(3), 257-266.