Target Taps GM Leader As Chief Information Security Officer

Target Taps GM Leader As Chief Information Security Officer

Brad Maiorino, who has overseen information security at General Motors and General Electric, will join Target in the newly formed chief information security officer role.

On Tuesday, one day before its annual shareholders meeting, Target Corporation announced that it hired Brad Maiorino as its senior vice president and chief information security officer, a newly created position formed in the wake of the company’s massive data breach.

Maiorino, who begins his new role next Monday, joins Minneapolis-based Target from General Motors, where he served as that company’s chief information security and information technology risk officer. At GM, Maiorino led a “transformation of the company’s global information security and IT risk organization,” according to Target. Prior to that, Maiorino was chief information security officer at General Electric.

At Target, Maiorino will be responsible for information security and technology risk strategy. He will report to Chief Information Officer Bob DeRodes and is charged with “helping to ensure that the company, its guests and team members are protected from internal and external information security threats.”

Following last year’s data breach, Target is intimately familiar with such security threats. In the wake of the breach, the company appointed DeRodes as its new tech leader, replacing Beth Jacob—who resigned in March following the breach. The company said at the time that it was searching for a chief information security officer, which it has now found in Maiorino.

“Having led this critical function at two of the country’s largest companies, Brad is widely recognized as one of the nation’s top leaders in the complex, evolving areas of information security and risk,” DeRodes said in a statement. “As an organization, we have made a commitment to our guests and our team that Target will be a retail leader in information security and protection. We believe Brad is the right person to lead that charge.”

Target said that, after the breach, it took “significant steps” to “to enhance its information security systems and processes while transforming its security and compliance structure and practices.”

“Examples of this included enhancing monitoring, segmentation, logging, and security of accounts and installation of application whitelisting on point-of-sale systems,” the company said in Tuesday’s announcement.

Target’s annual shareholder meeting will be held Wednesday. The company—which recently ousted its CEO, among other changes to its leadership team—has been under some pressure to overhaul its board of directors, although interim Chairwoman Roxanne has defended Target's board.

Related Stories