In 2013, Target Corporation was hacked. Credit and debit card data of 40 million of Target’s customers were exposed. Hackers reportedly infiltrated Target via access from an outside vendor, Fazio Mechanical. Often, CIOs will deal with outside vendors who ask for access or need to access some of their company’s data. Shortly after Target was hacked, the organization has hired you, a risk management expert, to address their handling of Fazio Mechanical’s access to Target’s network and data. Based on this scenario, address the following in a five- to eight-page paper:
Analyze current company protocol(s) and draft new protocols you would use to reduce Target’s liability from non-permitted access to their network and data via outside vendors.
Explain how the protocol(s) would reduce the risk of liability to Target.
Explain whether or not Target can ethically impose a protocol(s) on the internal operations of an outside vendor so that their internal operations more easily conform to Target’s security protocols and internal operations, with the overall intention of reducing Target’s liability.
Explain whether Target or Fazio Mechanical is more at fault for exposing Target’s customers’ data, providing rationale(s) for your decision.