Date of Award

Fall 12-17-2025

Document Type

Project Abstract (696 or 796 registration)

Degree Name

Master of Science in Cybersecurity

Department

Graduate Studies

Committee Chair

Dr. Adaeze Nwaigwe

Keywords

Target Data Breach, Cost Benefit analysis, Security Breach, Kill Chain, Security Controls

Abstract

In 2013 Target had a data breach, which compromised 40 million credit/debit card accounts and 70 million customer records. The attackers exploited a vulnerability in a third-party vendor (Fazio Mechanical Services), to gain access to Target's systems. The breach cost Target over $250 Million (USD) in legal fees, investigation expenses, and reputational damage (Jones, 2025). Based on inflation rate, the 2013 Target data breach would cost over $340 Million (USD) today. In this study, a cost-benefit analysis was done to determine whether it would have been more cost-effective for Target to have invested in security controls rather than paying for the aftermath of the 2013 data breach. The results derived in this study show that the total cost of implementing controls to mitigate the Target data breach is $7,730,500. This cost is only 2.27% of the $340 million which was the reported cost of the Target data breach. Based on this cost benefit analysis, this study shows that if Target had invested in security systems and personnel prior to the breach, it would have been much more cost-effective.

Download
Request Accessible Version

Share

COinS
 
 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.