Target’s 2013 credit card data breach has reached a record $300 million in damages to the company. This should be a wake-up call for the private sector that information technology (IT) infrastructures need to be protected as assets that hold both risks and rewards. Managing IT systems and the sharing of data on corporate networks that drive modern businesses comes with great responsibility. As part of the company’s recent settlement with 47 states, the company is now subject to new court-mandated security procedures and must perform a full security audit of its IT systems. If Target had taken IT management seriously as part of its corporate responsibility and overall strategy and included both of these processes as part of its own internal asset controls, it could have saved itself hundreds of millions of dollars and a damaged reputation.