Target opens a security center to fight cyber threats

Through a special arrangement, what follows is an excerpt of an article from FierceRetail, an e-newsletter and website covering the latest retail technology news and analysis.

Target recently opened a state of the art Cyber Fusion Center to protect customer data from online threats. Part of the $1 billion in planned investments in technology and supply chain this year, the center is designed for a quick, team-based approach to security events, according to the company’s A Bullseye View blog.

In the large, open space, Target’s key information security teams are encouraged to work together faster and with more agility than in the past, reducing the amount of time between the alert and containment of security events. The teams sit in an open format, arranged based on the logical flow of information.

"With no walls between any of the groups, members can connect to share information quickly and make fast and accurate decisions," said Dave Baumgartner, VP of cybersecurity at Target. "The entire team can come together in a moment’s notice. And thanks to the open format, everyone always has direct access to leaders, and we’re quick to turn failures into measureable improvements."

Target cyber center=

Photo: Target

To help staff the center, Target has posted 54 jobs on its "Target careers" web pages with titles such as principal engineer, cybersecurity; cyber threat intel senior analyst; lead security architecture; and incident triage analyst.

"Data security is a top priority at Target," said chairman and CEO Brian Cornell. "So we continue to invest heavily in top talent, as well as technology, and focus on continually evaluating and evolving our processes as the landscape changes."

Several teams share the center’s space along with other information security experts:

  • The Cyber Threat Intelligence team monitors and analyzes trends and patterns in cyberspace to help make decisions.
  • The Cyber Security Incident Response team develops Target-centric detection techniques and keeps watch over systems and networks, ready to respond to any incident in a moment’s notice.
  • Security Testing Services evaluates new and existing technology to identify areas of concern, from proper coding or configuration to necessary patches.
  • The Red Team simulates real-world attacks on Target’s environment to uncover defensive control weaknesses.
  • Continuous Improvement experts document the teams’ learnings, capture metrics and reporting, and prioritize team efforts.

"My team develops content for monitoring the network, so I’m constantly working with the other teams to improve detection," said Lori Murray, security engineer. "Problem-solving requires understanding others’ perspectives, which is why I appreciate the open atmosphere within the center."

BrainTrust

"Hmmm ... sounds like a great idea that needed to happen either within a couple of weeks of announcing their data breach or installing their new CEO. What took so long?"

Ken Lonyai

Consultant, Strategist, Tech Innovator, UX Evangelist


"The photo looks a lot like the White House command center on Y2K, where I spent New Year’s Eve 1999. The days of having a VP of Applications be in charge of data security should be long gone."

Cathy Hotka

Principal, Cathy Hotka & Associates


"If I were Target or any other retailer I would go dark on this ASAP. I would have mentioned that advanced steps are being taken on cybercrime issues and go dark."

Tom Redd

Global Vice President, Strategic Communications, SAP Global Retail Business Unit


Discussion Questions

Is Target’s Cyber Fusion Center the right response to the cyber threats faced by the company? Do you expect other retailers to open similarly extensive cyber security centers?

Poll

8 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Max Goldberg
Max Goldberg
8 years ago

Smart move by Target. The retailer got hammered by a massive data breach, so they respond by creating a very public cybersecurity team. My only questions are what took them so long, and if touting this team so publicly puts a bullseye on Target’s back for hackers.

Ken Lonyai
Ken Lonyai
8 years ago

Hmmm … sounds like a great idea that needed to happen either within a couple of weeks of announcing their data breach or installing their new CEO. What took so long?

Cathy Hotka
Cathy Hotka
8 years ago

The photo looks a lot like the White House command center on Y2K, where I spent New Year’s Eve 1999.

The days of having a VP of Applications be in charge of data security should be long gone. Retail companies absolutely need to step it up, collaborate with governmental resources and treat cybersecurity as a must-have, not a nice-to-have. Let’s hope Target’s actions wake up some other retail companies.

Tom Redd
Tom Redd
8 years ago

If I were Target or any other retailer I would go dark on this ASAP. I would have mentioned that advanced steps are being taken on cybercrime issues and go dark. The PR team, on a drive to re-install a new, more prepared image of Target with customers needs to also understand that the time for crisis PR is over. Time will heal the Target issues.

Go dark and do not fill in the hackers on what you are doing to stop them. Do hackers tell you via global PR how they are going to hack you?

Act smarter than your enemy. Block the news and heavy background checks on hack center employees. Find the best hackers and hire them to work for you. Build a team that hacks hackers. Steal or erase their own disk drives. Share their IP addresses with other retailers. Make life h___ for them.

But never let them know that you did it. This is war — do not wait for an attack. Create the attack!

Dan Alaimo
Dan Alaimo
8 years ago

It’s like protecting your house. Target is showing the world, and the hackers, that they’ve got a bigger watchdog than the next guy. The bad guys will see this and, looking for less protected prey, will move along to the next one on their list. They’ll be back when all the others get bigger dogs than Target. Good move on Target’s part by going public. Plus, it looks like a nice place to work.

Gordon Arnold
Gordon Arnold
8 years ago

Being able to determine if, when and how bad the breach was, faster than before is not much of an improvement in security. Security is about the protection against file corruption or theft. This is best accomplished with the latest, fully supported communication software and limited access to files. Distributed processing, wireless communication and cloud storage have scant security for sensitive information. These are some of the areas that should be monitored when security issues are in play.

Karen S. Herman
Karen S. Herman
8 years ago

In my opinion, this is a logical move by Target. Opening the Cyber Fusion Center and getting these teams staffed and working together, building out their offensive and defensive strategies before the holiday season comes around is just plain smart. I like many facets of this plan and the various missions of these teams.

Kenneth Leung
Kenneth Leung
8 years ago

Logical move. Partly for PR based on the breach, partly to help recruitment of talent. Companies are always targeted and the key is how well the center is staffed and how empowered are the employees to address the problem when it arises. Identifying the threat and then getting the regions/data center to implement fix/shut things down is going to be key.