Certainly everyone in a
lead IT position has been through the process of identifying the staff
and costs to keep the wheels turning, whether that be network
infrastructure, support services, application development and support,
etc., and without a doubt there has been consideration of security
enhancements that are logical...or those challenges where you thing
"when I have time and resources we need to address this...it might be a
problem." The "budget review" meetings invariably result in the
questions "where can you cut?", "has that been a problem?", "can't Joe
or Mary pick that up?" or "we need to hold firm on the budget." Despite
the fact that the Target CIO was very light on IT per se, we have to
assume that there were people aware of the exposure. Whether she was unable
to sell the costs or did not know the threat or whether other c-level
people were focused on their own areas (ignoring a notion of management
reciprocity) it's obviously a disaster for Target and certainly there
will be more casualties in the staff ranks.
On the upside this gives us all the opportunity to move security and governance of corporate electronic knowledge and resources higher up on the priority list. Other c-level stakeholders and the money gatekeepers will probably listen this year. Few projects are built with a credit card but clearly company interoperability of systems and the chaotic and uncontrolled consumerization of IT are creating many thin ice situations. It goes without saying that assuming ubiquitous cloud solutions and "there's an app for that" is naive; it's coming but we're going to have corporate hardware for a while.
One of my favorite quotes is from Andy Grove, the former CEO of Intel, who said "...every company is an IT company...they just don't know it yet..." If each and every functional manager outside of IT is not asking hard IT questions and supporting solutions and investment they are being remiss in their corporate responsibility.
The Target CIO position paid $3.5 million per year (unverified) if you want to apply. That's about $300,000/month which would be just fine.
On the upside this gives us all the opportunity to move security and governance of corporate electronic knowledge and resources higher up on the priority list. Other c-level stakeholders and the money gatekeepers will probably listen this year. Few projects are built with a credit card but clearly company interoperability of systems and the chaotic and uncontrolled consumerization of IT are creating many thin ice situations. It goes without saying that assuming ubiquitous cloud solutions and "there's an app for that" is naive; it's coming but we're going to have corporate hardware for a while.
One of my favorite quotes is from Andy Grove, the former CEO of Intel, who said "...every company is an IT company...they just don't know it yet..." If each and every functional manager outside of IT is not asking hard IT questions and supporting solutions and investment they are being remiss in their corporate responsibility.
The Target CIO position paid $3.5 million per year (unverified) if you want to apply. That's about $300,000/month which would be just fine.