Target - News, Features, and Slideshows

Features

• They Fought the Law, The Law Won

  Reading the headlines relating to cyber-security you would not be blamed for thinking we are in a losing battle against relentless foes. The breaches at OPM, Ashley Madison, Target, Sony, and many others highlight criminals are consistently looking for ways to breach our defences. It is understandable then why many CISOs may look nervously at their networks wondering if they will be the next victim, or worse, are they already a victim without knowing it.

  Brian Honan | 27 Jul | Read more

• CSO's CISO Executive Career and Leadership Success Guide

  A lot has changed since the early years, when enterprises first began embracing the CISO position. Back then, the CISO role was primarily a technical one: control user access, secure the databases, find and patch vulnerabilities, keep the malware out, and eventually to help build secure websites and eCommerce platforms. In those days, most of the highly proprietary data resided within the local area network, the data center, or within PCs and notebooks.

  George V. Hulme | 02 Jun | Read more

• The science behind alert fatigue: How to turn down the noise so you can hear the signal

  You've likely experienced <a href="http://www.healthcareitnews.com/directory/alert-fatigue">alert fatigue</a> at some point in your life. You feel exasperated as your phone pings for what seems like the hundredth time in a day, or your eyes glaze over as a glut of new analytics data rolls in. You feel resigned to the fact that an influx of email could very well go on forever.

  By Marius Moscovici, founder and CEO, Metric Insights | 07 May | Read more

• Sony breach turns bank's focus to users

  When New Jersey's Provident Bank was founded in 1839, Martin Van Buren was president. The First Opium War was getting going in China. And, in Boston, the American Statistical Association was just being founded.

  Maria Korolov | 04 Apr | Read more

• Security Manager's Journal: Breaches are everywhere

  Follow me, if you will, on a journey back in time to just one year ago. As 2013 turned into 2014, the information security industry was buzzing about the latest spate of breaches. Target had ushered in a new era of retail security breaches, with 40 million card numbers lost to the hackers. Little did we know at the time that this was just the beginning, and small potatoes in comparison to what was to come. One year ago, Neiman Marcus and Michaels had joined Target, and <a href="http://www.computerworld.com/article/2487265/security0/security-manager-s-journal--cyberattacks-just-got-personal.html">I wrote in response to the growing number of breach disclosures</a> that "in fact, I have to wonder which retailers have <em>not</em> suffered breaches. The word on the street is that at least a half-dozen other retailers were compromised in the past few months, without publicity." Sadly, this turned out to be true. I hate being right all the time.

  By J.F. Rice | 12 Feb | Read more

• Breaches are a personal nightmare for corporate security pros

  Beyond the compromise of valuable information, loss of revenues and damage to brand reputation, data breaches can pose a threat to the careers of security professionals involved: witness the sudden <a href="http://www.networkworld.com/article/2174919/network-security/target-cio-resigns-following-breach.html">departures of both the CEO and the CIO</a> of Target after last year's compromise of 40 million customers' credit cards.

  Tim Greene | 29 Jan | Read more

• Lack of security in small companies means big risk for the enterprise

  "I've been in the security business for 25-years. The industry spent the first 20 of those developing perimeter security products. Then five years ago, we simply let everybody in, building an ecosystem of third-party vendors and service providers that are now part of our federated enterprise," says Mo Rosen, COO, Xceedium.

  David Geer | 23 Jan | Read more

• Retailers must not ignore security alerts, court says

  In what some security experts are calling a "game changer," a Minnesota federal court held Target liable earlier this month for data breach losses because the company had ignored its own security alerts.

  Maria Korolov | 16 Dec | Read more

• The top infosec issues of 2014

  There is still time for any list of the "top information security issues of 2014" to be rendered obsolete. The holiday shopping season is just getting into high gear, after all, and everybody knows it was from late November to mid-December last year when the catastrophic Target breach occurred.

  Taylor Armerding | 18 Nov | Read more

• Privacy is the new killer app

  A funny thing is happening in the wake of the <a href="http://www.computerworld.com/article/2490179/security0/security0-the-snowden-leaks-a-timeline.html">Edward Snowden NSA revelations</a>, the infamous <a href="http://www.computerworld.com/article/2601905/apple-icloud-take-reputation-hits-after-photo-scandal.html">iCloud hack of celebrity nude photos</a>, and the hit parade of customer data breaches at <a href="http://www.computerworld.com/article/2490637/security0/target-finally-gets-its-first-ciso.html">Target</a>, <a href="http://www.computerworld.com/article/2844491/home-depot-attackers-broke-in-using-a-vendors-stolen-credentials.html">Home Depot</a> and the <a href="http://www.computerworld.com/article/2845621/government/us-postal-service-suffers-breach-of-employee-customer-data.html">U.S. Postal Service</a>. If it's not the government looking at your data, it's bored, lonely teenagers from the Internet or credit card fraudsters.

  Matt Weinberger | 15 Nov | Read more

• The hacker 'skills gap' may be more of a strategy gap

  It sure feels like the bad guys are winning.

  Taylor Armerding | 04 Sep | Read more

• 

  11 Steps Attackers Took to Crack Target

  Despite the massive scale of the theft of Personal Identifiable Information (PII) and credit card and debit card data resulting from last year's data breach of retail titan Target, the company's PCI compliance program may have significantly reduced the scope of the damage, according to new research by security firm Aorato, which specializes in Active Directory monitoring and protection.

  Thor Olavsrud | 02 Sep | Read more

• PCI DSS 3.0 compliance deadline approaches. Will it make any difference?

  Don't expect credit card security – or lack of it – to be magically transformed when the new year dawns on Jan. 1, 2015, the deadline for compliance with the Payment Card Industry Data Security Standard (PCI DSS) 3.0.

  Taylor Armerding | 22 Aug | Read more

• Revamping your insider threat program

  Companies including MITRE are looking at privileged access and how to better lock it down -- without stopping employees from doing their jobs.

  Sandra Gittlen | 14 Jul | Read more

• Major companies, like Target, often fail to act on malware alerts

  Companies that suffer major data breaches almost always portray themselves as victims of cutting edge attack techniques and tools. The reality, though, is often much more mundane.

  Jaikumar Vijayan | 14 Mar | Read more