preview

Information Security: The Data Breach at Target Corporation

Good Essays
Nowadays, information security is one vital part of a company to develop and maintain its information system. As technology became more advanced in terms of creating and utilizing, the more threats a company’s information system will face. A threat is a person or organization that seeks to obtain or change data illegally, without the owner’s permission and knowledge. Similarly, a vulnerability is an opportunity for threats to gain access to individual or organizational assets (Kroenke 309). Apparently, a threat will lead to a company’s vulnerability gradually, Target Corporation is one specific example in this case. The data breach at Target Corporation which exposed more than 110 million of its customers’ credit card and personal data appears to be related to a malware-laced email with phishing through cyber-attack. With the breach of data, a company might lose massive amount of money in order to cover the incident. In other words, creating a strong information security is said to be one of the most important and challenging task every company is looking forward to keep its business intact.
The type of attack encountered by Target Corp. is most likely malware infection. Malware infection is the most popular threat of attack that has been experienced by the respondents. It took up to 67.1% of all cases of cyber-attacks in the past ten years (Kroenke 315).The breach at Target Corp. occurred sometime before Thanksgivings 2013 when a group of European hackers installed malware in Target’s security and payment system to “steal every credit card used at the company’s 1,797 U.S. stores (Riley, Elgin, Lawrence, and Matlack). For weeks, the invasion of malware went undetected because it escaped all the antivirus protections Target had (H...

... middle of paper ...

...’ purchases on the weekend before Christmas 2013 (Wahba, Phil, and Finkle).
In order to reduce the likelihood of exposing this cyber risk, companies and individuals should have technical safeguards involve hardware and software. Those technical safeguards include identification and authorization, encryption, firewalls, malware protection, and application design (Kroenke 319). One should start to protect his/her security system by a few blocking and tackling. When an antivirus program asks to install the latest updates, one should allow them to do so. The reason is that the program might figure out what its problem is and trying to fix that. Besides constantly checking the security system, individuals should also limit the access to those suspicious emails. Those emails could contain malwares and malicious program that could break through into one’s security system.