Gap: Thanks to Target’s woes, retailers really get the importance of security now

The massive data breach at Target(s tgt) last December had a big impact on retailers’ appreciation of proper security, Gap(s gps) infrastructure architecture senior director Jeffery Padgett said on Thursday at Gigaom’s Structure 2014 conference.

The hack of Target’s point-of-sale (POS) and other systems, which netted the details of as many as 110 million customers, was instrumental in the ousting of Target CEO Gregg Steinhafel (and the resignation of CIO Beth Jacob) and earned the company dozens of class action lawsuits.

It was, Padgett said, “a clarion call for retailers.”

“It’s definitely increased C-level awareness to do the right thing for customers and protect all your assets,” Padgett said. “Risk and compliance teams are seen to have a little bit more power now.”

“Target had this information available to them but weren’t acting on it. Same thing for us – we have 50,000 POS terminals spewing out information. We need to be able to look at that and make rational decisions. In our case, big analytics is something that has popped out of it… Seeing the devops culture leak into security — security already had it to some extent, but there’s definitely a bigger collaboration than in the past.”

Padgett was on a panel with Don Whittington, CIO at sugar company Florida Crystals. The two had quite contrasting approaches to the cloud – Gap is trying to build an in-house OpenStack cloud, while the more traditional Florida Crystals is purely a cloud user, relying on Virtustream for the hosting.

That gave Whittington a different perspective on the security issue: “As a solution buyer, I’m looking for an end-to-end solution. Solution providers have to be able to do a better job at security than any one enterprise can do themselves.”

Photo by Jakub Mosur

Structure 2014 ticker