Synergistic Security: A Work System Case Study of the Target Breach
Recent publicized security breaches can be used to evaluate information security programs. The processes and procedures that allowed the event to occur can be examined in a case study and then be used to find methods for future mitigation of risk. The Target security breach is used in this study to...
Saved in:
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Kennesaw State University
2017-12-01
|
| Series: | Journal of Cybersecurity Education, Research & Practice |
| Online Access: | https://digitalcommons.kennesaw.edu/jcerp/vol2017/iss2/4/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850112133213192192 |
|---|---|
| author | Martha Nanette Harrell |
| author_facet | Martha Nanette Harrell |
| author_sort | Martha Nanette Harrell |
| collection | DOAJ |
| description | Recent publicized security breaches can be used to evaluate information security programs. The processes and procedures that allowed the event to occur can be examined in a case study and then be used to find methods for future mitigation of risk. The Target security breach is used in this study to examine the organization’s information security program using a macro-ergonomic model. This research posits that an information security program should consider the work system design, based in macro-ergonomics, to help mitigate information security risk to the organization and ensure an efficient and effective information security program. Based on a seminal macro-ergonomic model, the Leavitt Diamond Model (1965), an information security model was designed. The Synergistic Security Model can be used to examine relationships between macro-ergonomic information system constructs. The relationships that occur between the structure of the organization (policies, procedures, leadership, etc.), the people, the technology, and the tasks can have an impact on the efficiency and effectiveness of an information security program. For the purpose of examining these relationships, the Synergistic Security Model is divided into triads, consisting of: Triad 1: Information Security Structure- Information Security Technology-People (Information Security Behavior); Triad 2: Information Security Structure-Information Security Tasks-People (Information Security Behavior); Triad 3: Information Security Tasks-Information Security Technology-People (Information Security Behavior); and Triad 4: Information Security Tasks-Information Security Technology-Information Security Structure. This paper will examine the relationships found in the Target data breach, reported in December 2013. |
| format | Article |
| id | doaj-art-fd78db6c5b23428493207d3f4d490e6b |
| institution | OA Journals |
| issn | 2472-2707 |
| language | English |
| publishDate | 2017-12-01 |
| publisher | Kennesaw State University |
| record_format | Article |
| series | Journal of Cybersecurity Education, Research & Practice |
| spelling | doaj-art-fd78db6c5b23428493207d3f4d490e6b2025-08-20T02:37:28ZengKennesaw State UniversityJournal of Cybersecurity Education, Research & Practice2472-27072017-12-0120172Synergistic Security: A Work System Case Study of the Target BreachMartha Nanette Harrell0Arkansas Tech UniversityRecent publicized security breaches can be used to evaluate information security programs. The processes and procedures that allowed the event to occur can be examined in a case study and then be used to find methods for future mitigation of risk. The Target security breach is used in this study to examine the organization’s information security program using a macro-ergonomic model. This research posits that an information security program should consider the work system design, based in macro-ergonomics, to help mitigate information security risk to the organization and ensure an efficient and effective information security program. Based on a seminal macro-ergonomic model, the Leavitt Diamond Model (1965), an information security model was designed. The Synergistic Security Model can be used to examine relationships between macro-ergonomic information system constructs. The relationships that occur between the structure of the organization (policies, procedures, leadership, etc.), the people, the technology, and the tasks can have an impact on the efficiency and effectiveness of an information security program. For the purpose of examining these relationships, the Synergistic Security Model is divided into triads, consisting of: Triad 1: Information Security Structure- Information Security Technology-People (Information Security Behavior); Triad 2: Information Security Structure-Information Security Tasks-People (Information Security Behavior); Triad 3: Information Security Tasks-Information Security Technology-People (Information Security Behavior); and Triad 4: Information Security Tasks-Information Security Technology-Information Security Structure. This paper will examine the relationships found in the Target data breach, reported in December 2013.https://digitalcommons.kennesaw.edu/jcerp/vol2017/iss2/4/ |
| spellingShingle | Martha Nanette Harrell Synergistic Security: A Work System Case Study of the Target Breach Journal of Cybersecurity Education, Research & Practice |
| title | Synergistic Security: A Work System Case Study of the Target Breach |
| title_full | Synergistic Security: A Work System Case Study of the Target Breach |
| title_fullStr | Synergistic Security: A Work System Case Study of the Target Breach |
| title_full_unstemmed | Synergistic Security: A Work System Case Study of the Target Breach |
| title_short | Synergistic Security: A Work System Case Study of the Target Breach |
| title_sort | synergistic security a work system case study of the target breach |
| url | https://digitalcommons.kennesaw.edu/jcerp/vol2017/iss2/4/ |
| work_keys_str_mv | AT marthananetteharrell synergisticsecurityaworksystemcasestudyofthetargetbreach |