Today, the day before Father’s Day, all of Target’s US cash registers went down for several hours. It was a coordinated cyberattack against the retail giant. This attack was done the day before a holiday (Father’s Day). It lasted several hours before Target restored service.
At first it was surprising that Target, a Fortune 500 company, would have such lax cybersecurity resulting in a single point of failure (SPOF). This company gets billions of dollars in sales but has a system which can collapse due to one failure. Next this Target cyberattack incident magnified what not to do when it comes to cyberattacks.
Assess the Damage
You have to do a complete forensic cybersecurity audit. Save all of the ram (random access memory) files, snapshots, EVERYTHING, to trace where the cyberattack originated. Target needs to know what happened ASAP.
Fire the CIO, CISO and Security Management
There is no way that the Chief Information Officer (CIO), Chief Information Security Officer (CISO) and the executive security team can keep their jobs after this. It is basic cybersecurity governance not to have a computer system, a Fortune 500 computer system handling billions of dollars at that, be susceptible to a single point of failure. All of these people must be fired ASAP.
Implement RAID and Hire The Right People
RAID is a cybersecurity failover technique where when one disk fails, the system automatically rolls over to another disk. In my video, I mention RAID 5, RAID 6 and RAID 10. These three types of RAID would have prevented Target’s cyberattack.
These three recommendations would enhance Target’s security posture so that this type of cyberattack never happens again.
Like my content? Great! Sign up for Carla’s Correspondence here: www.carlarjenkins.com/mailinglist
Like me on Facebook