Professional Documents
Culture Documents
Case_Study_5_____Cyber_Breach_at_Target.docx
Case_Study_5_____Cyber_Breach_at_Target.docx
Question 2. What, if anything, might Target have done better to avoid being
breached? What technical or organizational constraints might have prevented
them from tacking such actions?
Answer: FireEye. Inc a firm that provided a Malware detection tool to the Target
was also a security specialist in Bangalore initially raised an alert of an attack right
after the Black Friday shopping season, in November.
The FireEye team continuing sending an electronic alert to Target's in-house
security team in Minnesota which indicates the disclosure of malware interruptions
but that had not been activated yet.
On December 2, when malware started extracting the customer data to the
hackers, the FireEye teams from India alerted the Target security team, but get no
response.
This study source was downloaded by 100000869071362 from CourseHero.com on 11-13-2023 21:00:19 GMT -06:00
https://www.coursehero.com/file/100828963/Case-Study-5-Cyber-Breach-at-Targetdocx/
The breach could have been stopped before without any human intervention.
because the system has an option to automatically delete the malware as soon as
it's detected. But Targets' security team has turned off that function.
If the Target security team takes FireEys's warning seriously they could avoid being
breached. Also, the target has missed the functional opportunities which were
inbuild in the system.
This study source was downloaded by 100000869071362 from CourseHero.com on 11-13-2023 21:00:19 GMT -06:00
https://www.coursehero.com/file/100828963/Case-Study-5-Cyber-Breach-at-Targetdocx/
The Lawsuits stated that the directors breached their fiduciary duty by failing to
implement controls to protect consumer data.
Shareholder claimed that the directors' negligence caused a waste of corporate
assets, as the firm lost revenue, had to offer a 10% discount to draw customers
back to the store and faces upcoming litigation expenses.
Question 5: What lessons can you draw from this case for prevention and
response to cyber breaches?
Answer: It is better to stop something bad from happening than it is to deal with it
after it has happened.
lessons I draw prevention and response to cyber breaches
-Target could have to monitor its vender services
-Target could have to check the security warning by anti-intrusion partner.
- Target could have stopped the breach if the target uses the Malware detection
system properly. there were multiple warnings from the company's anti-intrusion
software which were ignored by the target.
This study source was downloaded by 100000869071362 from CourseHero.com on 11-13-2023 21:00:19 GMT -06:00
https://www.coursehero.com/file/100828963/Case-Study-5-Cyber-Breach-at-Targetdocx/
network but target fails to do that if the data is properly encrypted in transit and at
rest, it shouldn't be of any use to attackers.
This study source was downloaded by 100000869071362 from CourseHero.com on 11-13-2023 21:00:19 GMT -06:00
https://www.coursehero.com/file/100828963/Case-Study-5-Cyber-Breach-at-Targetdocx/
Powered by TCPDF (www.tcpdf.org)