Session 3-Target

Case Summary and Key Lesson: Cybersecurity is a key topic in boardrooms today. The high-profile press exposure of this breach also provides insights to all enterprises where the security of data is a critical issue requiring mitigation strategies and continued vigilance. The key lesson of this case is understanding that information security is NOT the exclusive domain of the IT organization and that employees, executives, and Boards play an important role regarding:

  • the identification and prevention of such threats as well as
  • minimizing the losses when such attacks occur.

Case Readings:

Additional readings on Canvas (C); "NACD Board's role in cybersecurity" (C); Target Risk and Compliance Committee Charter (C); McKinsey article on "Protecting your critical Digital Assets..." (C)

Case-Specific Questions:

  1. Who should have been fired and why?
  2. While some consider Target's breach unlucky, being "in the wrong place at the wrong time" from a historical perspective, they were also lax in their approach to protecting customer information. Answer the following:
     • Prevention of the breach - Using facts from the case and accompanying articles, what key People, Processes, and Technology issues (you will need to be selective here...) contributed to creating the vulnerability that led to the data breach?
     • Response to the breach - Why did it take so long to get the complete and accurate story and resolution out to Target's customers, BOD and shareholders?
  3. A quote from one of the articles in your readings, "Effective cybersecurity requires engagement from every level of an organization, from the board of directors on down to the mailroom", exemplifies a key lesson from this case.

The BOD's risk management role is an integral component of their fiduciary duty to the company. The CEO's role is "the buck stops here" regarding all company business operations and the CIO's role is to be the information systems leader. You are the new chairperson of Target's new Risk and Compliance (R&C) committee (Reports to BOD - see charter in accompanying BB reading). This committee's work NOW includes "information security" (see "Risk Oversight" section in its new charter [in Canvas]).

Given your understanding of what just happened and its fundamental causes, what key recommendations would you make to the new CEO and new CIO regarding information security? Please use a table to display your answers.
