In response, Target added enhanced monitoring, data segmentation, logging, as well as security of accounts and installation of application whitelisting on point-of-sale systems. Maiorino provided insight into his challenges and opportunities in a July 2014 interview with the New York Times in which he said Target was not as poorly secured as people believed.
Maiorino also said any company would have fallen prey to what was a "highly sophisticated set of actors." His solution? Reducing Target's attack surface, which means eliminating connections in the business.
While working at GM from 2012 to 2014 Maiorino transformed the company’s information security and IT risk organization, including building out a global team and establishing GM’s Vehicle Cyber Security Steering Committee. Prior to General Motors, he oversaw GE’s global information security program and oversaw the design and construction of the GE Cyber Security Fusion Center, the company’s SOC. He has also served as a member of the board of directors for the Retail Cyber Intelligence Sharing Center (R-CISC), in which retailers work share information about threats.
Sign up for CIO Asia eNewsletters.