Was the Target data theft perpetrated by an internal vendor/consultant?
Over the last few days, Target has posted multiple information security positions.
Half of these positions have been created to monitor IT vendors and consultants to Target.
Many large corporations use these types of consultants.
They come in for a few months to work on a project and leave when they are finished.
Many of them are given access to all of the companies systems with very little oversight.
My guess is that Target still doesn't know how they got burned,
and they are moving quickly to shore up the gaps.
(I find it comical that they are going to hire one consultant when they have identified consultants as the problem)
-----------------------------------
Job Posting Below
Link to Information Security Jobs at Target
-------------------------
Over the last few days, Target has posted multiple information security positions.
Half of these positions have been created to monitor IT vendors and consultants to Target.
Many large corporations use these types of consultants.
They come in for a few months to work on a project and leave when they are finished.
Many of them are given access to all of the companies systems with very little oversight.
My guess is that Target still doesn't know how they got burned,
and they are moving quickly to shore up the gaps.
-----------------------------------
Job Posting Below
Sr Analyst, Target Information Protection - Vendor Assessment Job
- Date: Jan 10, 2014
Location: Minneapolis, MN, US
Sr Analyst, Target Information Protection - Vendor Assessment(Job Number: FIN00066F)
JOIN US AS SR ANALYST, TARGET INFORMATION PROTECTION - VENDOR ASSESSMENT
About This Opportunity
Lead, facilitate, analyze, execute, govern and represent plans or identified approaches within the Target Information Protection organization, and be the liaison to key partners on initiatives within the organization.
Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals. As a Senior Analyst, you'll take the lead as you…
- Be a thought leader in Information Security and align initiatives with business objectives
- Conduct vendor security and privacy assessments and drive remediation efforts of vendors providing services to Target
- Work closely with cross-functional teams and develop strong liaison relationships
- Assist in process development and improvements to maximize the efficiency and effectiveness of the program
- Participates in special projects and research; prepare management reports and presentations as requested
About This Opportunity
Lead, facilitate, analyze, execute, govern and represent plans or identified approaches within the Target Information Protection organization, and be the liaison to key partners on initiatives within the organization.
Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals. As a Senior Analyst, you'll take the lead as you…
- Be a thought leader in Information Security and align initiatives with business objectives
- Conduct vendor security and privacy assessments and drive remediation efforts of vendors providing services to Target
- Work closely with cross-functional teams and develop strong liaison relationships
- Assist in process development and improvements to maximize the efficiency and effectiveness of the program
- Participates in special projects and research; prepare management reports and presentations as requested
Link to Information Security Jobs at Target
-------------------------
