Lessons learned from the Target Data Breach

Now that the dust has cleared from the cyber attack and data breach on Target stores last year, it is time to reflect on what happened and ensure your organization is not susceptible to a similar breakdown in security.

How did Target’s data get compromised?

All the facts surrounding this attack have not been disclosed or verified, but it seems likely that two types of malware infected Target’s network. One type of malware was installed on POS terminals to steal payment card data and the second type of malware was used to exfiltrate data outside the breached network.

While analyzing the kill chain of this attack is useful, an important fact to consider is that Target’s malware detection software alerted their SOC to the infection, but apparently their security team did not respond to the alerts.

Target is a large organization with significant resources. This underscores the fact that successful security operations must rely on people, process and technology. Any one of these alone is insufficient.

Lessons Learned from Target’s Data Breach

The lessons to be learned from the Target breach extend beyond retail to any organization with valuable data. We recommend the following:

  • Point security products are important but they must be monitored 24×7
  • Security teams should leverage case management tools and track response to incidents
  • Organizations must have the resources and skills to prioritize and investigate suspicious behavior
  • Advanced correlation techniques are necessary to pinpoint complex multi-stage attacks
  • Business context modeling and use cases should be used to highlight attacks on vulnerable assets
  • Threat Intelligence data that identifies malicious IP sources and destinations plays an important role in identifying malware
  • Predictive analytics and automated defense techniques are important tools to prevent attacks that could otherwise lead to data breaches
  • Log retention and access to security logs is required for forensic analysis if a breach should occur
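
To make the correlation, threat intelligence and case-tracking recommendations concrete, here is an added example (not part of the original post and not Proficio's code) that joins malware alerts with later outbound traffic to intel-listed destinations and flags alerts nobody acknowledged. All hostnames, IPs, signature names, the 24-hour window and the 1-hour SLA are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the Target incident); IPs are documentation ranges.
T0 = datetime(2024, 1, 1, 9, 0)
ALERTS = [  # (alert_id, host, time, signature)
    ("A1", "pos-017", T0, "malware.pos-scraper"),
    ("A2", "pos-022", T0 + timedelta(minutes=5), "malware.pos-scraper"),
    ("A3", "hr-004", T0 + timedelta(minutes=9), "adware.generic"),
]
FLOWS = [  # (src_host, dst_ip, time, bytes_out)
    ("pos-017", "203.0.113.50", T0 + timedelta(hours=2), 48_000_000),
    ("pos-022", "198.51.100.7", T0 + timedelta(hours=1), 12_000),
    ("hr-004", "203.0.113.50", T0 + timedelta(days=3), 900),
]
THREAT_INTEL = {"203.0.113.50"}                 # hypothetical known-bad destinations
CASE_ACKS = {"A2": T0 + timedelta(minutes=20)}  # alert_id -> analyst acknowledgement time


def correlate(alerts, flows, intel, acks, window=timedelta(hours=24),
              sla=timedelta(hours=1), now=T0 + timedelta(days=4)):
    """Join each malware alert with later outbound flows from the same host
    to intel-listed destinations, and record whether the alert was
    acknowledged in the case system within the SLA."""
    findings = []
    for alert_id, host, when, sig in alerts:
        hits = [f for f in flows
                if f[0] == host and f[1] in intel
                and when <= f[2] <= when + window]
        ack = acks.get(alert_id)
        overdue = (ack is None and now - when > sla) or \
                  (ack is not None and ack - when > sla)
        # A multi-stage match (alert + egress to a bad IP) outranks a lone
        # alert; a missed SLA raises the priority further.
        score = (2 if hits else 0) + (1 if overdue else 0)
        findings.append({"alert": alert_id, "host": host, "signature": sig,
                         "bytes_to_bad_ip": sum(f[3] for f in hits),
                         "overdue": overdue, "score": score})
    return sorted(findings, key=lambda f: -f["score"])


if __name__ == "__main__":
    for finding in correlate(ALERTS, FLOWS, THREAT_INTEL, CASE_ACKS):
        print(finding)
```

The top-ranked finding is the case the post warns about: a POS malware alert followed by bulk egress to a listed destination, with no analyst response on record.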

In conclusion, the lesson from the Target breach is that security monitoring is not simple.
