If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(The Business Journals)   On the one hand, it's good that Target's CIO is out. On the other hand, she was still working there for months after giving hackers your credit card information   (bizjournals.com) divider line 26
    More: Dumbass, CIO, Target, data breach, credit cards, hackers, Promontory Financial Group, CEO Gregg Steinhafel  
•       •       •

942 clicks; posted to Business » on 05 Mar 2014 at 3:23 PM (20 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



26 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest
 
2014-03-05 12:27:47 PM
At least they don't have to worry about her stealing confidential files on her way out the door....


...she can just download them from the net after she gets home.
 
2014-03-05 02:18:15 PM
"Giving."

Nice, subby.
 
2014-03-05 03:23:33 PM

Shostie: "Giving."

Nice, subby.


For all the security measures and effective practices they had in place they should have just published the information in the local paper.  At least there it would have been safer as no one reads the farking newspaper anymore.
 
2014-03-05 04:00:34 PM
I am shocked that a Product Buyer and Call Center manager was an incompetent computer security executive.
 
2014-03-05 04:04:25 PM

TheManMythLegend: I am shocked that a Product Buyer and Call Center manager was an incompetent computer security executive.


A CIO is not a security executive.
 
2014-03-05 04:23:33 PM
I guess a C-class head had to role but I doubt she even had a clue.
 
2014-03-05 04:25:41 PM

mcreadyblue: TheManMythLegend: I am shocked that a Product Buyer and Call Center manager was an incompetent computer security executive.

A CIO is not a security executive.


Usually the CIO would be the head of IT which should handle computer security.
 
2014-03-05 04:36:00 PM
On the positive side, there's a job opening at Target!
 
2014-03-05 04:37:30 PM

TheManMythLegend: mcreadyblue: TheManMythLegend: I am shocked that a Product Buyer and Call Center manager was an incompetent computer security executive.

A CIO is not a security executive.

Usually the CIO would be the head of IT which should handle computer security.


A lot of the CIO's at places I worked were deep into IT security.
 
2014-03-05 04:39:25 PM

Mr. Eugenides: On the positive side, there's a job opening at Target!


On the negative side, you'll spend most of your time cleaning up after the previous person...
 
2014-03-05 04:44:05 PM

groppet: TheManMythLegend: mcreadyblue: TheManMythLegend: I am shocked that a Product Buyer and Call Center manager was an incompetent computer security executive.

A CIO is not a security executive.

Usually the CIO would be the head of IT which should handle computer security.

A lot of the CIO's at places I worked were deep into IT security.


Yes I would assume that Client\Corporate data security and analysis would be their primary objective.
 
2014-03-05 04:44:07 PM

TheManMythLegend: Usually the CIO would be the head of IT which should handle computer security.


In grown up companies the CISO would report to the CEO or Legal.  Not to the CIO.  And the CIO should not have the title of CISO.  Its a conflict of interest.

/IT at Target is a complete fark'n mess
//so is their security
///best forensics labs in the country tho
 
2014-03-05 04:45:31 PM

TheManMythLegend: I am shocked that a Product Buyer and Call Center manager was an incompetent computer security executive.


CIO in old economy companies is where they park long-time executives who've risen above their level of incompetence. If the CIO comes from within and doesn't have a tech background, you can pretty much guess at what their infrastructure and vision looks like, and how much they're willing to invest in IT. (And if the CFO is the head of IT... *shudder*) Consulting trade secret time: If the CIO is an internal promotion, they'll buy snake oil, but not make real investments. You can sell them buzzwords, but replace their 10/100 LAN? Never! That's expensive! (Also, the number of visible USB drives is inversely proportional to spending in infrastructure and security. If you see one on the CIO's desk, just leave, because it's not worth your time to be there.)

I doubt she actually managed IT in any meaningful sense. At most, she managed a budget. Target clearly didn't give a shiat about IT. This is falling-on-the-sword. She's got a parachute and will sit on a board somewhere.

PHBs are the norm for CIOs. If you're looking for competence, look to the CTO or IT Director.
 
2014-03-05 04:46:33 PM
gingerjet:

/IT at Target is a complete fark'n mess

That is not the first time I have ever heard that,  first time was well over a year ago.
 
2014-03-05 06:13:56 PM

Umblehoon: On the negative side, you'll spend most of your time cleaning up after the previous person...


Isn't that the way it goes?  CIO gets into position, grows stale, sh*t happens, time for new CIO.
 
2014-03-05 06:22:44 PM
Someone asked me why I keep using my credit card to buy stuff at Target after the breach.  My response: "Why not?  The guys in Eastern Europe already have this card anyway."
 
2014-03-05 07:51:37 PM

gingerjet: TheManMythLegend: Usually the CIO would be the head of IT which should handle computer security.

In grown up companies the CISO would report to the CEO or Legal.  Not to the CIO.  And the CIO should not have the title of CISO.  Its a conflict of interest.

/IT at Target is a complete fark'n mess
//so is their security
///best forensics labs in the country tho


You're assuming a CISO is in play, and that means there's enough money and demand for a top level department that reports directly to the CEO or board.  In quite a lot of companies the head of IT security will report to the CIO.
 
2014-03-05 09:59:21 PM

Mr. Eugenides: On the positive side, there's a job opening at Target!


I will gladly do a half-assed job of data security for thousands less than what they paid her. Why corporate America wastes its money like this I'll never know.

/also available for mortgage review officer, foreign stock managing, and bitcoins.
 
2014-03-05 10:01:10 PM

Lsherm: gingerjet: TheManMythLegend: Usually the CIO would be the head of IT which should handle computer security.

In grown up companies the CISO would report to the CEO or Legal.  Not to the CIO.  And the CIO should not have the title of CISO.  Its a conflict of interest.

/IT at Target is a complete fark'n mess
//so is their security
///best forensics labs in the country tho

You're assuming a CISO is in play, and that means there's enough money and demand for a top level department that reports directly to the CEO or board.  In quite a lot of companies the head of IT security will report to the CIO.




Target is not a small company. Their revenues were $70 billion for 2013.
 
2014-03-05 10:49:02 PM
On the other hand, she was still working there...

I'm not sure "working" is the best way of putting it.  I'm guessing she was just there to provide information and context to the swarm of IT consultants that were brought in to wrangle this fiasco.  Oh, and I'm sure she was negotiating her severance package during half that time, at least.

Here's an interview from September 2012 where she talks about being Target's CIO.  Definitely not a technical person by any stretch, nor is she security conscious.  A snafu of major proportions was almost bound to happen.
 
2014-03-05 11:41:12 PM

valkore: On the other hand, she was still working there...

I'm not sure "working" is the best way of putting it.  I'm guessing she was just there to provide information and context to the swarm of IT consultants that were brought in to wrangle this fiasco.  Oh, and I'm sure she was negotiating her severance package during half that time, at least.

Here's an interview from September 2012 where she talks about being Target's CIO.  Definitely not a technical person by any stretch, nor is she security conscious.  A snafu of major proportions was almost bound to happen.


Some excerpts from that interview:

"What's a misconception people have about CIOs? A lot of people think the most important skill set of a CIO is that of a techie. While you absolutely have to have highly skilled technology talent on your team, as CIO you're in a role that demands great business breadth, because you've got to understand strategies from across the entire business and know how to act upon them."

Ah, so you don't have to no anything about technology to be the CIO.

"What ideas have you brought to your organization? Target has a strong culture of partnership and collaboration, and our success has been built on understanding the value of people, process and technology - and how they all work together. What I've stressed to my team is the importance of developing a long-term vision and strategy for technology to help drive business value and become more agile and efficient. "

She is good at spouting forward sounding corporate nonsense, though.

What's a dream job that you're completely unqualified for? Chef at a good Italian restaurant. I love to cook, but I'm no chef!
CIO for Target Corp.
 
2014-03-06 12:01:30 AM

TheManMythLegend: groppet: TheManMythLegend: mcreadyblue: TheManMythLegend: I am shocked that a Product Buyer and Call Center manager was an incompetent computer security executive.

A CIO is not a security executive.

Usually the CIO would be the head of IT which should handle computer security.

A lot of the CIO's at places I worked were deep into IT security.

Yes I would assume that Client\Corporate data security and analysis would be their primary objective.


So what does that really entail?  I'm guessing, but you're overseeing a group of people that keep on top of all the current virus/malware threats and review all the traffic over the high level network.  Is that about it?  Oh, and report to the board quarterly.  And lunches, lots of lunches.  You've got pretty much zero responsibility for the lower level networks, because there's someone else that is the administrator for those.

/I can see a few other things that the CIO should be doing, and that's where the problem lies
 
2014-03-06 03:08:25 AM
The CIO salary and title were nice, so she gambled that she would not need to actually know or do anything. Figured there would be qualified people in between her ignorance and the real world, insulating her lack of technical understanding.

She gambled and lost.
 
2014-03-06 07:41:00 AM
<Insert women in IT joke here.>
 
2014-03-06 07:51:40 AM

ski9600: You've got pretty much zero responsibility for the lower level networks, because there's someone else that is the administrator for those.


Correct.
I wonder where the idiotic notion that a CIO, CFO, or even CEO has anything at all to do with a companies actual work comes from?
Certainly not reality.
Probably comes from those same idiots blaming coaches for players poor performance.

Reality is hard I guess.
 
2014-03-06 09:04:52 AM

gingerjet: TheManMythLegend: Usually the CIO would be the head of IT which should handle computer security.

In grown up companies the CISO would report to the CEO or Legal.  Not to the CIO.  And the CIO should not have the title of CISO.  Its a conflict of interest.

/IT at Target is a complete fark'n mess
//so is their security
///best forensics labs in the country tho


Their IT is a mess, but they at least used to have adequate security. I do have to wonder why the mechanical devices accessed by outside vendors are not completely isolated from financial data. But then, they are probably still running VB 6 apps to perform mission critical tasks like they were a few years ago.
 
Displayed 26 of 26 comments

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report