In the wake of the data security breach it suffered over the Christmas holiday period, Target Corp. has appointed a new chief information officer. Bob DeRodes will lead the company’s information technology transformation beginning Monday, the Minneapolis-based retailer said Tuesday.
This story first appeared in the April 30, 2014 issue of WWD. Subscribe Today.
Target also provided details of security enhancements it’s made since the data breach last year. The retailer, which has been working toward adopting chip and PIN technology for the last decade, said it has accelerated its $100 million investment to put the technology in place by 2015. Target is working with MasterCard on a new initiative to enable Target-branded credit and debit cards with MasterCard’s chip and PIN solution. Besides moving its Red card portfolio to the new technology, Target is installing supporting software and next-generation payment devices in its stores. The new payment terminals will be in all 1,797 U.S. stores by September, six months ahead of schedule.
Target in January revealed that 40 million consumers who shopped in its U.S. stores between Black Friday and Dec. 15 may have had information stolen from their credit or debit cards. The retailer subsequently learned that certain consumer data separate from the credit card information was also stolen, and raised the number of potentially affected customers to 100 million.
The data security breach is believed to have reduced the level of holiday gift shopping at the chain during a critical business period.
DeRodes, whose title will be executive vice president and chief information officer, will be responsible for technology and operations, ongoing security enhancements and developing a road map for Target’s long-term technology and digital efforts.
“Establishing a clear path forward for Target following the data breach has been my top priority,” said Gregg Steinhafel, chairman, president and chief executive officer of Target. “I believe Target has a tremendous opportunity to take the lessons learned from this incident and enhance our overall approach to data security and information technology. Bob’s history of leading transformational change positions him well to lead our continued breach responses and guide our long-term digital strategy.”
Steinhafel said Target’s security enhancements also include reviewing and limiting vendor access and the coordinated resetting of 445,000 Target team member and contractor passwords.
DeRodes, who has 40 years of experience in the field, has worked for the Center for CIO Leadership, the Department of Homeland Security, the U.S. Secretary of Defense and the U.S. Department of Justice. He has also held top technology positions at Citibank, First Data, Home Depot and Delta Air Lines.
Target is still looking to fill two positions, chief information security officer and chief compliance officer.
Adam Levin, cofounder of IdentityTheft911.com and Credit.com, said chip and PIN technology is positive for additional security in stores, but it does nothing online. “They are doing a series of things that needed to be done,” Levin said. “There’s a different philosophy in retail than there was a year ago. When a retailer as iconic as Target becomes breached, it’s a tipping point. All of us wish [the progress] was a bit faster. In Washington, D.C., we’re still waiting for cybersecurity legislation.”