Wal-Mart’s chief information officer say the company learned several big lessons from Target’s massive 2013 data breach, including the need to continually test the security of its networks.
Karenann Terrell, speaking at an InformationWeek Conference this week, said companies like hers can’t afford to have a “single point of failure” in their systems.
{mosads}“Single points of failure anywhere can have really drastic effects, and the ability for an attack to go undetected for a period of time just exponentially increases the damage that can occur.”
Terrell, describing the layering of security on each network component, said her team also began in-house testing of its networks following the Target attack.
“What we learned is we have to have white-hat testing capability on staff for continual testing,” she said.
Target’s data breach was a watershed moment for cybersecurity, signaling to retailers everywhere that they are vulnerable to hacking.
Cyber intruders stole credit and debit card information for 40 million Target customers, as well as email and mailing addresses for between 70 million and 110 million people.
The company was alerted to suspicious activity on its network after the infiltration but initially ignored the warnings.
The attack shook consumer confidence in Target during the 2013 holiday shopping season, hurting profits and leading to the ouster of former CEO Gregg Steinhafel.
Terrell said Wal-Mart is continuously building and rebuilding its IT infrastructure in order to stay current. She also said the company is focused on combating the potential for insider threats.
She made the comments, reported by eWeek magazine, during a speech Tuesday.