Target has announced it has appointed Brad Maiorino as senior vice president and the company’s first ever chief information security officer (CISO) in the wake of a massive data breach that exposed account details of more than 100 million customers late last year.
Maiorino will begin his duties on June 16 and will be charged with managing Target’s information security and technology risk strategies, reporting directly to the company’s executive vice president and chief information officer Bob DeRodes.
“Having led this critical function at two of the country’s largest companies, Brad is widely recognized as one of the nation’s top leaders in the complex, evolving areas of information security and risk,” said DeRodes.
“As an organization, we have made a commitment to our guests and our team that Target will be a retail leader in information security and protection. We believe Brad is the right person to lead that charge.”
Maiorino was previously the chief information security and information technology risk officer at General Motors and before that was the chief information security officer at General Electric.
“I am looking forward to joining the Target team and helping them continue the progress they have made to be a retail leader in information security and protection,” said Maiorino. “I am confident that the combination of a strong team and the leadership commitment will enable us to achieve that objective.”
Target’s Board of Directors had recently announced the departure of the company’s Chairman, President and CEO Gregg Steinhafel in the wake of the headline making data breach, just one week after the company announced the appointment of DeRodes as CIO.
Steinhafel’s ouster followed that of Target’s previous CIO Beth Jacob, who resigned in early March as a result of the breach, which was first disclosed on December 19, and is believed to have lasted from at least Black Friday through December 15th, 2013.
Target has made significant efforts to enhance its security posture over the last six months, including upgrades to monitoring and logging systems, increased network segmentation, and deployment of application whitelisting technology on on point-of-sale (POS) systems.
The company also announced they have accelerated transition to chip-and-PIN-enabled REDcards, which will be available in early 2015 for their entire REDcard portfolio, which includes all Target-branded credit and debit cards.