The latest bit of carnage in the Target Christmas Credit Card breach is the resignation of Target CEO Gregg Steinhafel. He is being replaced at the helm by interim CEO John Mulligan, Target’s CFO. The first call he needs to make is to the CIO and his information technology security chief to see where the company is in rectifying the lapses that allowed the security breach to take place.
We see this as a largely symbolic and useless act, a ritual beheading in the public square. Unless, of course, Steinhafel was the moron in senior management who declared that penetration testing the new POS system could wait until after the holidays. in that case he deserves what he got.
Hopefully, other corporate CEOs are beginning to understand that they cannot ignore and reject out of hand the business cases that the CIO and technology departments present every budget cycle for beefier cyber defenses. Maybe FINALLY they will be given the level of importance that they deserve.Share
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com