Founded in February 1902, Target Corporation has remained one of the best performing online retailers in the United States. The company provides everyday necessities at affordable prices to customers. The products offered by Target include grocery, dairy items, and perishables. A large percentage of Target’s customers come from the United States and Canada. This explains why Target has its stores located in these two regions. The company’s best performing brands include Kid Made Modern, Simply Shabby, O’Brein, and Cherokee. Target Corporation is one of those companies that have been faced with data security issues in the recent past.
Fundamental Challenges That Organizations Face In General In Regard To Protecting Organizational Assets And Information
Organizations in the contemporary world are faced with numerous challenges related to protection of organizational assets and information. The main challenge that organizations face in regard to protection of their assets and information is lack of hardware and software that are required to protect valuable resources (Bhadauria et al., 2011). Although an organization may have enough capital to use in safeguarding its data, inappropriate choice of software and hardware may ruin its reputation and even result into loss of very crucial assets, both tangible and intangible. Apart from hardware and software selection, an organization must also ensure that it appropriately defines employee’s roles and responsibilities through well laid down rules and policies (Doherty and Fulford, 2005). By laying down proper management control measures, organizations can effectively protect their assets and information.
Another challenge facing organizations regarding protection of assets and information is improper implementation of technology that is largely used to store data. The technological advancements in the contemporary world have compelled organizations to upgrade their systems and to be able to provide excellent services to customers. For instance, companies have integrated e-commerce into their systems specifically for buying and selling of products and services. Companies that exclusively use e-commerce to sell goods and services find it very difficult to adopt those systems in a manner that will enable them to increase efficiency and productivity, and to achieve competitive advantage. Improper implementation of e-business systems is therefore one of the reasons why modern companies lose data as well as their important assets. Modern organizations must continuously monitor their systems to ensure that they are safe from external attacks (Panko, 2010).
Red Flag That Target Overlooked Or Ignored Before The Retail Attack
In the given case, the data security of Target Corporation was breached by cybercriminals, leading to loss of financial and personal information of several millions of customers. The retail attacked at Target could have been avoided if only Target could have effectively taken appropriate actions towards various red flags that were observed before the attack. The first red flag occurred in 2013 when a malware was installed in the company’s payment system to steal credit cards used in its 1797 stores across the United States. Target did not take any action to help improve its data security system (Weiss and Miller, 2015). Another red flag that occurred when an escape route for Target’s data was planned in the company’s stores located in the United States. Fortunately, these activities were spotted before they could cause harm, but Target did not take appropriate actions to help avoid similar attacks in future. The two red flags mentioned above required immediate action by Target, a move that could have avoided the observed damage to the company’s reputation (Weiss and Miller, 2015).
Main Actions That Target Took After The Breach Occurred The Efficiency Of Such Actions.
After the security breach occurred, Target has seen the importance of taking actions that can help it win back customer trust and record high sales as before. First Target has recruited a competent Chief Information Security Officer who will help identify and prevent risks associated with information security and technology. The Chief Information Security Officer will ensure that the company’s customers and guests are safe from information security threats. Second, Target has officially joined the Financial Services Information Sharing and Analysis Center to help it enhance its information security system. The Financial Services Information Sharing and Analysis Center is a non-profit organization that assists companies to detect, prevent, and respond to cyber attacks and any forms of fraudulent activities. Third, Target has invested close to 5 million United States Dollars in cyber security coalition. This coalition helps the company to increase awareness about cybersecurity. Fourth, Target has taken significant actions to help strengthen cyber security across all its networks. The company achieves this by offering frequent updates on security and technology enhancements (Lowestein, 2014).
Fifth, Target has spent approximately 61 million United States Dollars since February 2014 as a response to the security breach. In order to gain customer trust that it has already lost, Target Chief Executive Officer has announced that customers will not be required to pay anything for the fraudulent activities that have resulted from the security breach. Target suffered significant financial losses following the security breach. For instance, in 2013, the company’s profit fell to 46 percent from more than 50 percent in the previous year. The actions that the Target has taken since the security breach occurred are highly efficient in the sense that, they will enable the company to avoid significant financial losses resulting from security breach in future (Lowestein, 2014).
Main Reasons Why The Attack On Target Occurred
The attack on target occurred due to a number of reasons. Prior to executing more sever email attacks, cyber criminals often begin with simple and basic attacks that enable them to scrutinize a company’s system effectively. It is after the cyber criminals are conversant with how a company’s system operates when they will execute massive attacks. In Target’s case, it can be concluded that the company indirectly contributed to the attack that occurred on its system. Target has left a large amount of its internal information in the hands of vendors though its websites. These websites do not require login details and everyone who gets to the website can get access to this information. This means that the company’s data is easily accessible to members of the public. For this reason, the hackers found it very easy to steal consumers’ financial and personal data (Weiss and Miller, 2015).
Personally, I feel that the attack occurred due to poor infrastructure as well as due to the inability of management to act accordingly. First, the company has not put in place the right hardware and software that can enable it to protect customers’ data. This is evidenced in the manner the company has left its internal data unprotected and to be accessed easily by the public. Second, the attack occurred because the company’s management failed to react accordingly to the red flags that it had experienced before. Had the company’s management take appropriate action on time, the security breach could have been avoided. The significant financial loss that Target has experienced as a result of security breach explain why the company should invest heavily in initiatives and programs that will enable it to offer the greatest customer purchase security (Dlamini, Eloff and Eloff, 2009).