In the wake of Target’s massive data breach, the company’s chief information officer was the first C-level executive to bite the dust. You may not have Target’s problems, but CIOs can learn some lessons from Beth Jacob’s departure.
The chief information officer, once an obscure C-suite role, has gained great importance these days—something Target CIO Beth Jacob learned the hard way.
Jacob is the first high-level Target executive to resign in the wake of the massive security breach that endangered millions of consumers’ payment information and severely damaged the retail chain’s reputation. What does Jacob’s departure mean for CIOs everywhere else? A couple of points to think on:
Respect, but pressure: In interviews with the Associated Press, a number of CIOs said they believed that issues such as data security and infrastructure were being taken more seriously (with budget increases to match). “I think CIOs are getting more respect,” Tim Scannell, the director of strategic content for the CIO Executive Council, told the wire service. “They’re winning a seat at the table. But along with that, we have a heightened security risk, so they’re under pressure to do something about it.”
Preparation matters: Tech executives say that as threats have proliferated, it’s become harder to tell which ones are real. The Wall Street Journal ‘s Michael Hickins notes that an analyst at Target, who was aware of potential cybersecurity threats reported months before, wanted the company to conduct a security review of its payment system, but that didn’t happen. That situation, according to an analyst who spoke to the WSJ‘s Steve Rosenbush, poses something of a chicken-and-egg problem. “It becomes like the car alarms going off in a parking lot—no one takes them seriously because generally there are too many false car alarms. And even if it was a real alarm, most people wouldn’t know what to do about it,” noted Gartner Vice President Avivah Litan. She recommended making cybersecurity systems “more intelligent with contextual data” to help distinguish real threats.
Background concerns: Jacob (shown above) had an operations background rather than a technical one. In a 2012 interview with the Minneapolis / St. Paul Business Journal, she said, “A lot of people think the most important skill set of a CIO is that of a techie. While you absolutely have to have highly skilled technology talent on your team, as CIO you’re in a role that demands great business breadth, because you’ve got to understand strategies from across the entire business and know how to act upon them.” Some analysts, including Faye Landes of Cowen & Co., have suggested that a lack of focus on technical issues did Jacob in, according to MarketWatch.
Target will undertake an external search to replace Jacob and fill other security-related positions. Having vacant positions in the cybersecurity department, according to Sophos’ Naked Security, was also a factor in the breach.