Target (NYSE:TGT) recently opened a state of the art Cyber Fusion Center to protect customer data from online threats. It is part of the $1 billion investment the retailer is making in technology and supply chain this year.
The center is designed for a quick, team-based approach to security events, according to the company's A Bullseye View blog. It is a large, open space with plentiful natural light, designed with collaboration in mind.
The goal of the space is to bring Target's key information security teams together to work faster and with more agility than in the past, reducing the amount of time between the alert and containment of security events. The teams sit in an open format, arranged based on the logical flow of information.
"With no walls between any of the groups, members can connect to share information quickly and make fast and accurate decisions," said Dave Baumgartner, VP of cybersecurity at Target. "The entire team can come together in a moment's notice. And thanks to the open format, everyone always has direct access to leaders, and we're quick to turn failures into measureable improvements."
To help staff the center, Target has posted 54 jobs on its "Target careers" web pages. The titles listed indicate the seriousness and technological sophistication of the undertaking. These include: senior operations analyst, information security; principal engineer, cybersecurity; cyber threat intel senior analyst; lead security architecture, big data analytics information security; incident triage analyst; and senior engineer, IT security engineering threat and vulnerability management.
"Data security is a top priority at Target," said chairman and CEO Brian Cornell. "So we continue to invest heavily in top talent, as well as technology, and focus on continually evaluating and evolving our processes as the landscape changes." Information security leaders from the center will participate in this week's Aspen Security Forum, which Target is sponsoring.
"We've got teams of cybersecurity analysts working round the clock," said Brad Maiorino, Target's chief information security officer. "They use a mix of human intelligence, analytics and state-of-the-art technology to detect, investigate and contain threats to our business."
There are several teams sharing the center's space along with other information security experts. These groups are:
The Cyber Threat Intelligence team monitors and analyzes trends and patterns in cyberspace to help make decisions.
The Cyber Security Incident Response team develops Target-centric detection techniques and keeps watch over systems and networks, ready to respond to any incident in a moment's notice.
Security Testing Services evaluates new and existing technology to identify areas of concern, from proper coding or configuration to necessary patches.
The Red Team simulates real-world attacks on Target's environment to uncover defensive control weaknesses.
Continuous Improvement experts document the teams' learnings, capture metrics and reporting, and prioritize team efforts.
"My team develops content for monitoring the network, so I'm constantly working with the other teams to improve detection," said Lori Murray, security engineer. "Problem-solving requires understanding others' perspectives, which is why I appreciate the open atmosphere within the center."
The teams need a range of talents. Some jobs require the ability to understand coding in different languages, while others rely on analytical skills. Collaboration is essential for all teams, as is the ability to move quickly and make fast decisions. With the teams working so closely, there is a great deal of opportunity for team members to try out new roles, learn skills in different areas and expand their experiences.
"What helps me most on the job is a great sense of curiosity—asking how and why things happen in order to prevent future issues," said Keith Higgins, triage analyst. "It's a challenge because the work is different from day to day, even hour to hour. I'm constantly learning new things, and I love digging into a problem to find the root cause."
"At the end of the day, it's all about keeping our guests' data secure and protecting our company's information," Maiorino said.
-See this Target blog post
Target failed to act on security warnings
Target seeks to realign security and IT, seeks CISO
Target's $19 million breach settlement with MasterCard falls through|
Target makes big IoT statement with 'Open House' shop
Target to roll out RFID price tags this year