The US retailer Target, the company that has suffered one of the biggest data breaches so far, has appointed Bob DeRodes as executive vice president and chief information officer (CIO). The company has also provided some details on the security enhancements rolled out after the breach.
Starting with May 5, DeRodes will oversee Target’s technology team and operations. He will be responsible for ongoing enhancements in data security. In the meantime, the retailer continues to look for a chief information security officer (CISO) and a chief compliance officer (CCO).
“I look forward to helping shape information technology and data security at Target in the days and months ahead. It is clear to me that Target is an organization that is committed to doing whatever it takes to do right by their guests,” DeRodes stated.
DeRodes has over 40 years of experience in IT, data security and business operations. Before joining Target, he worked as a senior IT advisor for the DHS, the DOJ and the Secretary of Defense. The retailer’s new CIO has also offered consulting services to boards, corporations and private equity firms.
DeRodes has also held top tech positions at companies like Delta Airlines, Home Depot, Citibank and First Data.
“Establishing a clear path forward for Target following the data breach has been my top priority,” said Gregg Steinhafel, Target chairman, president and chief executive officer.
“I believe Target has a tremendous opportunity to take the lessons learned from this incident and enhance our overall approach to data security and information technology. Bob’s history of leading transformational change positions him well to lead our continued breach responses and guide our long-term digital strategy.”
As far as data security and technology enhancements are concerned, Target says that it has taken significant actions since suffering the data breach in which 40 million payment cards were compromised.
It has enhanced monitoring and logging, application whitelisting point-of-sale systems have been installed, vendor access has been reviewed and limited, and account security has been enhanced.
Enhanced segmentation has also been implemented by the retailer. This includes the development of point-of-sale management tools, review of network firewall rules, and the creation of a comprehensive firewall governance process.
A few months after the breach, the company revealed that it was accelerating the transition to more secure chip-and-PIN cards. On Tuesday, the company announced that its entire REDcard portfolio would benefit from MasterCard’s chip-and-PIN solution starting with early 2015.
“Target has long been an advocate for the widespread adoption of chip-and-PIN card technology,” noted John Mulligan, executive vice president and chief financial officer for Target.
“As we aggressively move forward to bring enhanced technology to Target, we believe it is critical that we provide our REDcard guests with the most secure payment product available. This new initiative satisfies that goal.”