The Target case revisits the events in late 2013 that gave rise to what was at the time the largest breach of confidential data in history. After you experience the cases and debrief what you have learned, you should have a better understanding in a number of areas, including the following:
1. Familiarize with vocabulary related to information security 2. Understand how threats can materialize, resulting in a major data breach
(approaches and actors) 3. Identify the vulnerabilities of a business (by analyzing and understanding the
different sources of risk) 4. Become aware of the fact that humans continue to be the weak link in the chain of
information security 5. Understand the principal control measures a business can deploy to protect itself 6. Identify and understand the specific issues raised by information security, notably in
a digital business environment.
Instructions
Purchase “Autopsy of a Data Breach: The Target Case” for $4.25 using the following link and read the case in detail:
• https://hbsp.harvard.edu/import/1210839
Submit your answers to case-related questions in D2L no later than Sunday Oct 13th, 11:30 p.m. • Up to three pages • Font: Calibri, Font Size: 11, Line Space: 1.0 • APA Citation Format (if needed)
CSEC 340
Assignment 3: Autopsy of a Data Breach-The Target Case
https://hbsp.harvard.edu/import/1210839
Page 2 of 2
Case-Related Questions
1. What steps did the cybercriminals follow in committing this theft?
2. What factors allowed this theft to take place?
3. What are the consequences of the breach for the stakeholders?
4. Look at the sources of risk one by one: incompetent employees, rogue employees, hackers,
business and technology partners and technology components. How did each source contribute
to the data breach? In other words, what role did each of these actors play in this attack?”
5. What impact did the breach have? Were its effects only negative?
6. What had Target already done, or what should it have done, to protect itself against these risks
(based on each of the risks identified)? Organize your answers based on each source of risk as
presented above.
7. What have you learned from this case? As a future manager, what will you take away from this
case? Were you surprised by any aspects of this case?
Grading
This assignment values 10 points of your grade.
**Use your critical thinking skills and discuss the questions from multiple perspectives. This is NOT a short-answer assignment.