There are times when it just makes sense to walk away. To blow it all up and just leave it all behind, especially in the face of a disaster. Sometimes, it might not be the most logical move, and keeping one’s head down and focus forward can yield positive results in the future, perhaps even a redemption of sorts (Congrats to the San Antonio Spurs on their 2014 NBA title).
Then you have the other hand, times when stepping aside and bowing out are likely options, even seemingly inevitable. Such a scenario now faces the players of the Spurs’ opponent, the upcoming free agents of the defeated Miami Heat, as they approach their impending offseason; as it did Target CEO Gregg Steinhafel when the company’s board of directors requested his resignation last month, following the holiday credit card breach that impacted about 40 million customers.
Hard to find fault with an ousting like this. The “common perspective” might be that in matters of cyber security and data breach incidents, the buck stops at IT. And perhaps that has even been the case in the past. But that’s irrelevant now. When you consider the exponentially increasing sophistication of the tools available to cyber thieves, along with the unprecedented scope of their actions (again, 40 million, yeesh), of course, the firing of some IT executive isn’t going to be sufficient, particularly in the public eye. Eric Basu of Forbesintimates this is a sign of things to come for C-level executives of businesses across the spectrum; sums of billions, as Target is expected to lose, tend to demand a fall from on high.
It thus becomes imperative for CEOs and other execs to learn their way more around information security, technological concepts, etc., as well as the risks of corporate data loss, and the opportunities to address such key issues. Perhaps most crucially, this will help impart knowledge about the difference between compliance and security.
While it seems unlikely that a similar fate will befall some Domino’s executive due to the theft of the personal (but not financial) information of almost 600,000 French and Belgian Domino’s customers—and the failed ransom threat on the company—cyber criminals are not going to halt their offensive. CEOs and other members of management should have a more thorough understanding of their systems, technologies, and courses of action in event of a serious breach. Otherwise, more will inevitably follow Mr. Steinhafel out the door.
http://www.netlib.com/blog/application-security/Target-CEO-Departure-a-Teaching-Moment.asp
http://www.netlib.com/blog/application-security/Target-CEO-Departure-a-Teaching-Moment.asp