Case Study 1: Cyber Security in Business Organization


Due Week 6 and worth 120 points

Protecting organizational assets and information within the company has become a top priority for many organizational leaders. 

Review the article titled “Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It”

Write a four to 3-page paper in which you:

-Determine the fundamental challenges that organizations face in general in regard to protecting organizational assets and information. 
Specify the red flag(s) that Target overlooked or ignored before the retail attack and give your opinion as to why Target overlooked or ignored the red flag(s).
-Determine the main actions that Target took after the breach occurred and evaluate the efficiency of such actions. 
-Conclude the main reasons why the attack on Target occurred. Give your opinion as to whether or not the attack was mainly due to the poor infrastructure or the inability of management to act accordingly.

Justify your response.
Use at least four (4) quality references. Note: Wikipedia and other Websites do not qualify as academic resources. 
Your assignment must follow these formatting requirements:

Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The teacher said the this courseis designed to helps us achieve the following learning outcomes:

Outline the strategic implications of information assurance and security in an information technology environment.
Explain how information technology systems influence organizational strategies.
Outline the challenges and strategies of e-Business and e-Commerce technology.
Evaluate the ethical concerns that information technologies raise in a global context.
Use technology and information resources to research issues in information systems and technology. 
Write clearly and concisely about topics related to information systems for decision making using proper writing mechanics and technical style conventions.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills. Click here to access the rubric for this assignment.


Cyber security in Business Organizations


Introduction. 2

ChallengesFaced by Businesses When Developing a Data Security Strategy. 2

Employees’ role in data security management 2

Size of an organization in data security management 3

Conclusion. 4

References. 6


            Cybersecurity is the protection of data-driven innovations and business data against theft and abuse. It is essential that businesses protect themselves, their employees, and customer through the deployment of a comprehensive data security strategy. While this may be easily accomplished by small and medium-sized organizations, it has proven to be a major challenge for enterprise-level organizations due to their complex business structure and the large amount of business data that they handle. Ultimately, a comprehensive data security strategy must continually be adaptable to the ever-evolving cybercrime type. The strategy must keep growing its security controls and protocols. The achievement of this near-optimal strategy however is hampered by a number of challenges.


Picture this; in 2013, just a few days before Thanksgiving, a Malware was planted into Target Corporation’s security and payment infrastructure. The aggressive Malware was designed in a way that it could steal customer credit card information as they made payments for their shopping at all the company’s 1,797 U.S. stores. Basing the discussion on this historic digital attack, this paper aims at looking at the challenges face by organization when developing a comprehensive data security strategy.

ChallengesFaced by Businesses When Developing a Data Security Strategy

Employees’ role in data security management

An organization’s employees play an important role in ensuring the effectiveness of a data security system. Cybercriminals have diversified the methods they use to circumnavigate security obstacles through social networking schemes where a good-natured employee is into tapping into a noxious connection. Through this, an otherwise full proof security system can infiltrated and rendered useless by the use of an innocent looking phishing email or a simple phone call allowing hackers into the secure framework. These employee-focused assaults are increasing in their ingenuity and effectiveness. The workers get enticed into these social networks with promises of making an extra form of income. To reduce this, organizations must invest in data security awareness training for all staff with access and involved to the data security protocol (Hughes, 2017).

Furthermore, any data security system can be infiltrated by ignorance or an employee within the security failing to identify or pay close attention to the simplest of threat alerts or not taking the appropriate measures laid down within the system to defuse a threat. This was the case in the Target scenario where Bangalore, the security experts observing the company’s system’ got the security breach alert, flagged and notified Minneapolis. However, the flagging was not taken seriously with the team in Minneapolis leading to the breach and eventual loss to the company and its customers.

All said and done, employees are normally the weakest link in an otherwise secure system especially in enterprise-level organizations like Target Corporation. Their employees’ lackluster attention, ignorance, insider trading and the inability to identify a security threats are the largest contributors of the numerous data security breaches in many organizations (Donaldson, Siegel, Williams, &Aslam, 2015).

Size of an organization in data security management

            An organization’s size determines the amount of data that they handle through their system. Target Corporation is America’s second-largest discount store, with Walmart being the largest. Headquartered in Minneapolis, it was founded by George Dayton; today, it has 1,802 chain stores in the United States ( This information gives some perspective regarding the enormous amount of data that the corporation handles in its system. The corporation has a diverse clientele, handle multiple product within its inventory across all the chain stores within America. The corporation also comprises of discrete internal departments or organizational units hence the significantly large amount of business data to be process and analyzed by the security system. This makes it relatively difficult and expensive to device and manage a comprehensive data security system. This is makes it even more challenging to meet the basic requirements of a data security of flexibility. Data security systems require continuous monitoring, assessment and modifying to conform to the ever-changing and innovative data attack styles (Woody, 2013) The large amount of data received by Target makes it very hard to maintain constant monitoring and tracking of their origins, this opens up the system to potential attack.


            Furthermore, constant monitoring of the data system require an adequate number of IT specialist who are expensive to remunerate. Large organizations need to pay close attention to fatigue, burnout and loss of drive in the personnel in their quest to maintain constant monitoring of the system(Donaldson, Siegel, Williams, &Aslam, 2015). The personnel suffering from any of these may become complaisant leading to ignorance security alerts, remindersand loss their creativity. Targets personnel in Minneapolis’ ignorance or failure to respond to the security alerts and flags from Bangalore may have been caused by any of the above reasons.


In summary, the attack on Target Corporation had largely to do with the inability of their data security management personnel to take appropriate actions. The corporation had a 1.6-million-dollar security system infrastructure installed just six month before the attack. The system was working well since it was able to detect and deal with the second Malware that hackers attempted. Therefore, it is the reluctant response of data management team in the first attack that led to the successful infiltration of the system.


Hughes, C. (2017). Data Breach: 3 Challenges to Securing Business Data. Cybersecurity insights reports, AT&T,

Donaldson, S. E., Siegel, S. G., Williams, C. K., & Aslam, A. (2015). Meeting the Cybersecurity Challenge: New York, NY: SpringerLink.

Woody, A. (2013). Enterprise Security: A Data-Centric Approach to Securing the Enterprise. Birmingham: Packt Pub.

Get a 5 % discount on an order above $ 100
Use the following coupon code :