What steps did the cybercriminals follow in committing this theft?
2. What factors allowed this theft to take place? What are the sources of risk and the companys
vulnerabilities?
3. What is the impact of the breach for all stakeholders?
4. Critically assess the control measures Target has taken. Could more have been/should be done?
5. What are the lessons learned from Targets experience with regard to information security?
