Forbes | Adam Hartung
There was much press this week about Target's CEO and Chairman, Gregg Steinhafel, being forced out. Blame reached the top job after the successful cyber attack on Target last year. But investors, and customers, may regret this somewhat Board level over-reaction to a mounting global problem. Cyber security is a problem for every company.
Richard Clark is probably the USA's foremost authority on cyber attacks. He was on America's National Security Council, and headed the counter-terrorism section. Since leaving government he has increasingly focused on cyber attacks, and advised corporations.
In early 2013 I met Mr. Clark after hearing him speak at a National Association of Corporate Directors meeting. He was surprisingly candid in his comments at the meeting, and after. He pointed out that EVERY company in America was being randomly targeted by cyber criminals, and that EVERY company would have an intrusion. He said it was impossible to do business without working on-line, and simultaneously it was impossible to think any company - of any size - could stop an attack from successfully getting into the company. The only questions one should focus on answering were "How fast can you discover the attack? How well can you contain it? What can you learn to at least stop that from happening again?"
Target was a crime victim, as can happen to any company. So, while the Target attack was large, and not discovered as early as anyone would like, to think that Target is in some way wildly poor at security or protecting its customers is simply naive. Several other large retailers have also had attacks, include Nieman Marcus and Michael's, and it was probably bad luck that Target was the first to have such a big problem happen, and at such a bad time, than anything particularly weak about Target.
We now know that all retailers are trying to learn from this, and every corporation is raising its awareness and actions to improve cyber security. But some company will be next. Target wasn't the first, and won't be the last. Companies everywhere, working with law enforcement, are all reacting to this new form of crime. So firing the CEO, 2 months after firing the CIO (Chief Information Officer), makes for good press, but it is more symbolic than meaningful. It won’t stop the hackers.
Investors and customers have a lot to lose given Target's competitive performance. Where this decision does have great importance is to shareholders and customers. Target has been a decent company for its constituents under this CEO, and done far better than some of its competitors. The share price has doubled in the last 5 years, and Target has proven a capable competitor to Wal-Mart while other retailers have been going out of business (Filene’s Basement, Circuit City, Linens & Things, Dots, etc.) or losing all relevancy (like Abercrombie and Fitch and Best Buy.) And Target has been at least holding its own while some chains have been closing stores like crazy (Radio Shack 1,100 stores, Family Dollar 370 stores, Office Depot 400 stores, etc.)
Just compare Target's performance to JCPenney, who's CEO was fired after screwing up the business far worse than the cyber attack hurt Target. And he was a former hero running Apple's retail stores.
Or, look at Sears Holdings. CEO Ed Lampert was heralded as a hero 6 years ago, but since then the company he leads has had 28 straight quarters of declining sales, and closed 305 stores since 2010. The Kmart division has become a complete non-competitor in discounting, and Sears has lost all relevancy as a chain as it has been outflanked on all sides. CEO Lampert has constantly whittled away at the company's value, and just this week told shareholders that they can simply plan on more store closings in the future.
And vaunted Wal-Mart is undergoing a federal investigation for bribing government officials in Mexico to prop up its business. Wal-Mart is constantly under attack by its employees for shady business practices, and this year lost a National Labor Relations Board case regarding its hours and pay practices. And Wal-Mart remains a lightning rod for controversy as it fights with big cities like Chicago and Washington, DC about its ability to open stores, while Target has flourished in communities large and small with work practices considered acceptable.
Finding a good replacement for Steinhafel will not be easy. CEO's and Boards of Directors, across the nation have been seriously addressing cyber security for the last couple of years. Awareness and protective measures, are up considerable. But there will be future attacks, and some will succeed. It is unclear blaming the CEO for these problems makes any sense - unless there is egregious incompetence.
Now finding a CEO that can grow a business like Target, in a tough retail market, is not easy.
The TNS Group
How Can I protect my business?
Contact The TNS Group to determine where your network is vulnerable to attack and we will recommend the best solution for your business.
Contact TNS today!
No comments:
Post a Comment