• Application of Security Principles
During the Christmas holiday shopping season in 2013, Target Corporation revealed that it had been the victim of a massive data breach, which compromised the identities of millions of their customers.
While Target had the misfortune of being the first to reveal the breach, it was later discovered, in a much less public way, that other retailers had been victims of the same attack.
Engage in research on this particular data breach and learn as much as you can about the circumstances, sources, and methods that were used in this attack.
When you have completed that research and the study activities related to security principles, apply those principles to what you have learned about the attack.
Write a 2"3 page paper discussing the areas of vulnerability that were exploited and what security principles failed, providing a gateway into the information assets of Target Corporation and other retailers. As part of your discussion:
• Analyze the approach taken by the attackers to gain access to this data.
• Analyze the failures in the security principles that made the organization vulnerable to this attack.
• Explain how this attack could have been prevented without impacting user productivity or customer satisfaction.
• Explain how the security principles can be applied in order to enforce policy and prevent a future breach.
Assignment Requirements
• Written communication: Written communication is free of errors that detract from the overall message.
• APA formatting: Resources and citations are formatted according to APA (6th edition) style and formatting.
• Length of paper: 2-3 pages, excluding the references page.
• Font and font size: Times New Roman, 12 point.
• Required Reading
The required reading is foundational to the concepts of security principles, which will support the Unit 1 assignment.
• Use Information Security Management Handbook to read the following:
o Chapter 3, "Appreciating Organizational Behavior and Institutions to Solidify Your Information Security Program," pages 29-46.
o Chapter 4, "The Information Security Auditors Have Arrived-Now What?," pages 47-62.
• Use Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems to read Chapter 2, "The Fundamentals," pages 5-32.
• Web Resources
Video
The objective of this video is to demonstrate some practical application of the information security principles that were covered in the required reading.
• Security Principles Versus the Real World (54 minutes).
Internet and Library Research
Use the following keywords to research the history of the information security profession in preparation for participating in the unit discussion:
• History of information security.
• Information security evolution.
• Computer security history.
• Computer security founders.
• Information security founders.