ISM 644 Ashford University W2 Target Liability & Fraudulent Purchases Research

User Generated

OvtoyhrXvat

Computer Science

ISM 644

ashford university

ISM

Description

Questions of Liability: Critique of the Target® Hack

Prior to beginning work on this assignment, read Chapter 3 of the course text, the Inside Target Corp., Days After 2013 Breach article, and review any relevant information from this week’s lecture. Review the instructions below and research at least one additional scholarly source and a minimum of three credible professional sources to support your statements. (Access the MISM Credible Resource Guide for assistance with finding appropriate credible professional resources.)

In 2013, Target Corporation was hacked. Credit and debit card data of 40 million of Target’s customers were exposed. Hackers reportedly infiltrated Target via access from an outside vendor, Fazio Mechanical. Often, CIOs will deal with outside vendors who ask for access or need to access some of their company’s data. Shortly after Target was hacked, the organization has hired you, a risk management expert, to address their handling of Fazio Mechanical’s access to Target’s network and data. Based on this scenario, address the following in a five- to eight-page paper:

  • Analyze current company protocol(s) and draft new protocols you would use to reduce Target’s liability from non-permitted access to their network and data via outside vendors.
    • Explain how the protocol(s) would reduce the risk of liability to Target.
  • Explain whether or not Target can ethically impose a protocol(s) on the internal operations of an outside vendor so that their internal operations more easily conform to Target’s security protocols and internal operations, with the overall intention of reducing Target’s liability.
  • Explain whether Target or Fazio Mechanical is more at fault for exposing Target’s customers’ data, providing rationale(s) for your decision.

The Questions of Liability: Critique of the Target® Hack paper

  • Must be five to eight double-spaced pages (1500-2400 words) in length (not including title and references pages) and formatted according to APA style as outlined in the Writing Center.
  • Must include a separate title page with the following:
    • Title of paper
    • Student’s name
    • Course name and number
    • Instructor’s name
    • Date submitted
  • Must use at least one scholarly source and three credible professional sources in addition to the course text.
    • The Scholarly, Peer Reviewed, and Other Credible Sources table offers additional guidance on appropriate source types. If you have questions about whether a specific source is appropriate for this assignment, please contact your instructor. Your instructor has the final say about the appropriateness of a specific source for a particular assignment.
  • Must document all sources in APA style as outlined in the Writing Center.
  • Must include a separate references page that is formatted according to APA style as outlined in the Writing Center.

Carefully review the Grading Rubric for the criteria that will be used to evaluate your assignment.

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

View attached explanation and answer. Let me know if you have any questions.

Running head: TARGET LIABILITY

1

Target Liability
Student Name
Course
Date

TARGET LIABILITY

2
Target liability

After the breach happened, Target took preventive measures by introducing a branded
MasterCard that requires customers to input PIN. This has ensured that the organization provides
customers with added security against fraudulent purchases or usage of stolen or lost cards as
they require a PIN to execute a transfer. Again, the chip cards can store factual information about
the card usage, which is a better representation of customer identity, ensuring that Target can
ensure that the buyer is the card's rightful owner.
The hacking of Target informed the management that their supply chain is at risk, and
attackers can quickly get access to Target's Point of Sale after laying the hands-on HVAC
credentials of the supplier who accessed Target via the external supplier portal. These issues
have been thoroughly looked into by Target's leadership (Gray, & Ladig, 2015). They have
raised awareness to all their suppliers that they should always reject credentials from an
organization they do not recognize or a website they do not trust.
According to Target spokeswoman Molly Synder, after the data breach, Target as a
company has never relaxed and seek a comprehensive understanding of the need for a robust
supplier authentication alternative that will make usage of lost or misplaced credentials less
useful. Target is also looking forward to implementing network segmentation to their systems
that will immediately attackers from operating the supplier portal and accessing valuable
information.
Moreover, Target has reinforced measures to normalize impending breaches by
encouraging customers to use cash options when paying for their goods at Point of Sale. Target
spokeswoman Molly Synder says it helps reduce the exposure of payment cards to hackers.

TARGET LIABILITY

3

Additionally, Target has ensured that card transactions are safe by sending a notification to the
cardholder every time the card is used. I...


Anonymous
Very useful material for studying!

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags