Questions of Liability: Critique of the Target® Hack

“Chapter 3 of the course text, the Inside Target Corp., Days After 2013 Breach (Links to an external site.) article, and review any relevant information from this week’s lecture. Review the instructions below and research at least one additional scholarly source and a minimum of three credible professional sources to support your statements.

In 2013, Target Corporation was hacked. Credit and debit card data of 40 million of Target’s customers were exposed. Hackers reportedly infiltrated Target via access from an outside vendor, Fazio Mechanical. Often, CIOs will deal with outside vendors who ask for access or need to access some of their company’s data. Shortly after Target was hacked, the organization has hired you, a risk management expert, to address their handling of Fazio Mechanical’s access to Target’s network and data. Based on this scenario, address the following in a five- to eight-page paper:

Analyze current company protocol(s) and draft new protocols you would use to reduce Target’s liability from non-permitted access to their network and data via outside vendors.
Explain how the protocol(s) would reduce the risk of liability to Target.
Explain whether or not Target can ethically impose a protocol(s) on the internal operations of an outside vendor so that their internal operations more easily conform to Target’s security protocols and internal operations, with the overall intention of reducing Target’s liability.
Explain whether Target or Fazio Mechanical is more at fault for exposing Target’s customers’ data, providing rationale(s) for your decision.

 Must be five to eight double-spaced pages (1500-2400 words) in length (not including title and references pages) and formatted according to APA style as outlined in the Ashford Writing Center (Links to an external site.).”