Security Breach: Target Stores Name: Institutional Affiliation: Case Study: Target Stores Company Description of Security Breach A breach of customer information occurred in the year 2013 at a company known as Target Stores. During this period nearly 40 million of its customers that purchased from the company had hackers who had invaded into the card readers stealing both their credit also debit card numbers. Worse still more 70 million of the customers were victims of a breach of their personal information that is their names their addresses as well as telephone numbers became compromised. The consequences of this form of security breach were tremendous. By the month of February 2014 the company had used about $61 million in payments for legal fees updating of the software’s reimbursing the customers as well as monitoring the credits in addition to other costs that are related to failures in the cyber security. preventing such threats from going past the control points in an accurate manner. Finally the companies will develop a culture of reviewing progress in a periodical basis (Haag & Cummings 2013). It is a requirement that the firms ought to carry a review of their systems the policies as well as training on a regular basis so as to achieve maximum efficiency. Making use of the visibility that is provided through the monitoring systems it is possible for the companies to improve their employee training be able to expand deployment apart from systematically eliminating vulnerabilities. Additionally all the systems ought to undergo a thorough review in the event of any breach so as to determine the system failures or in any manner to flag off all forms of systems vulnerabilities. References Haag S. & Cummings M. (2013). Management information systems for the information age (9th ed.). New York NY: McGraw-Hill Irwin [...]
First Question: The Security Life Cycle Model is a process that helps in maintaining an acceptable level of security in industrial controls systems and networks. The model begins with deterrence and ends with correction. In your own words, describe this process while incorporating an example (e.g., of how to deter XX and how to prevent XX and so on through the cycle). Your reply should be a minimum 1-2 paragraphs. Can be more also. A paragraph is 3 sentences minimum and 5 sentences maximum. second question: NIST 800-82 is a guide to Industrial Control Systems (ICS) Security, which SCADA falls under. Select one control, identify whether the control falls under Management, Operational or Technical Controls and explain what this control helps mitigate in a SCADA system? Provide an example of this control in a real world situation (for example you can refer to one of the case-studies and explain how XX control could have mitigated Y). Your reply should be a minimum of 1-2 paragraphs. Can be more also. A paragraph is 3 sentences minimum and 5 sentences maximum.