An inside look at Target's cyber fusion center

Inside Target’s Cyber Fusion Center

This week, several of our information security leaders are headed to Colorado as Target sponsors the sixth annual Aspen Security Forum. While there, the team will lead and join in conversations with top national security experts.

As a retailer, we bring an important perspective to the table. With cyber threats on the rise like never before, keeping our guests’ data secure and protecting our company information is a really big job. It takes the right people working with top-notch technology to stay a step ahead—and that’s what our information security teams strive to do every day.

“Data security is a top priority at Target,” says Brian Cornell, chairman and CEO. “So we continue to invest heavily in top talent, as well as technology, and focus on continually evaluating and evolving our processes as the landscape changes.” It’s an important part of the $1 billion Target plans to invest in technology and supply chain this year.

“We’ve got teams of Cyber Security analysts working round the clock,” adds Brad Maiorino, Target’s Chief Information Security Officer. “They use a mix of human intelligence, analytics and state-of-the-art technology to detect, investigate and contain threats to our business.” Much of the work they do takes place in our newly opened Cyber Fusion Center (CFC).

Check out the space:

The goal of the CFC space is to bring Target’s key information security teams together to work faster and with more agility than ever before. A large, open space with lots of natural light, it was designed with collaboration in mind. Teams sit in an open format, arranged based on the logical flow of information. “With no walls between any of the groups, members can connect to share information quickly and make fast and accurate decisions,” says Dave Baumgartner, Vice President, Cyber Security. “The entire team can come together in a moment’s notice.”

This seemingly small change in setup made it possible for the team to quickly reduce the amount of time it takes between the alert and containment of security events since launching in late 2014.  “And thanks to the open format, everyone always has direct access to leaders,” says Dave, “and we’re quick to turn failures into measureable improvements.”

Each of Target’s Cyber Security teams plays an important role in the CFC. The Cyber Threat Intelligence team proactively monitors and analyzes trends and patterns in cyberspace to help us make smart decisions. The Cyber Security Incident Response (CSIRT) team develops Target-centric detection techniques and keeps watch over our systems and networks, ready to respond to any incident in a moment’s notice. Security Testing Services evaluates new and existing technology to identify areas of concern, from proper coding or configuration to necessary patches. The Red Team simulates real-world attacks on Target’s environment to uncover defensive control weaknesses. And a group of Continuous Improvement experts documents the teams’ learnings, captures metrics and reporting, and prioritizes team efforts. These teams share the CFC space with other information security experts involved in the same investigations.

“My team develops content for monitoring the network, so I’m constantly working with the other teams to improve detection,” says Lori Murray, Security Engineer. “Problem-solving requires understanding others’ perspectives, which is why I appreciate the open atmosphere within the CFC.”

The team has a range of important talents. Some jobs require the ability to understand coding in different languages. Others rely on analytical skills. For all teams, collaboration is key, as is the ability to move quickly and make fast decisions. With the teams working so closely, there’s lots of opportunity for members to try out new roles, learn skills in different areas and expand their experience.

“What helps me most on the job is a great sense of curiosity—asking how and why things happen in order to prevent future issues,” says Keith Higgins, Triage Analyst. “It’s a challenge because the work is different from day to day, even hour to hour. I’m constantly learning new things, and I love digging into a problem to find the root cause.”

“At the end of the day, it’s all about keeping our guests’ data secure and protecting our company’s information,” says Brad. “And we couldn’t ask for a better team to have on the job.”

Interested in learning more about the role of a Cyber Fusion Center team member? Check out the Target Careers Page for more info!

Don’t miss out on the latest Target news and behind-the-scenes happenings! Subscribe to our bi weekly newsletter and get the top stories from A Bullseye View delivered straight to your inbox!