Fallout from Target hack includes CIO

With Target (TGT) still grappling with fallout from its massive data breach, the retailing giant has decided that its technology overhaul must include finding a new top information security officer.

Chief information officer Beth Jacob stepped down from Target, a departure that comes as the retailer overhauls its executive structure on the technology side. Jacob, an executive without an IT background, had overseen the company's tech infrastructure since 2008.

Under Jacob's watch, as many as 110 million Target customers may have had their payment card or personal information stolen by hackers. Target was hit with $17 million of expenses in the fourth-quarter related to the breach, with the company warning last week that it couldn't forecast future costs from the criminal activity.

It's not only Target's pocket-book that has taken a hit -- the company's reputation has suffered, with many customers still fuming about the experience. Some complained that Target wasn't responsive, with long wait times to speak with customer service reps.

The company is now overhauling its information security and compliance systems, Target chief executive Gregg Steinhafel said in a statement emailed to CBS MoneyWatch.

"While we are still in the process of an ongoing investigation, we recognize that the information security environment is evolving rapidly," he said. "We will also be elevating the role of the Chief Information Security Officer and hiring externally for this position. Additionally, we will be initiating an external search for a Chief Compliance Officer."

Still, the timing of Jacob's departure after the late-2013 data breach could signal the organization's growing realization that it needs to hire someone with a deeper tech background, according to Computerworld.

Jacob's expertise was in operations, according to a profile of the executive published in the Minneapolis/St. Paul Business Journal. She first joined Target in 1984 and served as an assistant buyer. After a stint away from the company, she returned in 2002 as director of guest contact centers.

She told the Business Journal that it was a misconception that a CIO needs to be "a techie," adding that a breadth of business experience was more essential. Jacob added that it was important to have "skilled technology talent on your team."

Target may now be seeking an executive for the role with stronger roots in IT and computer security, given the expensive and embarrassing intrusion into its systems. It's not clear how involved Jacob was in the company's day-to-day IT security issues.

"She does not appear to have a professional background in information technology, so perhaps she felt it was appropriate to allow someone with a deeper technical background to lead their IT organization through the coming months and years of the work ahead of them," retail security consultant Jim Huguelet told Computerworld.

Her departure is the first high-profile executive exit since the data theft was made public.

For Target, the next step is an external search for a new CIO, as well as an ongoing review with Promontory Financial Group to evaluate its technology, structure and processes.

  • Aimee Picchi

Comments

CBSN Live

pop-out
Live Video

Watch CBSN Live

Watch CBS News anytime, anywhere with the new 24/7 digital news network. Stream CBSN live or on demand for FREE on your TV, computer, tablet, or smartphone.