Target’s CEO has become the first boss of a major corporation to lose his job over a breach of customer data, showing how responsibility for computer security now reaches right to the top. —- Associated Press
It’s a new era for boards to take a proactive role in understanding what the risks are. —- Cynthia Larose, chair of the privacy and security practice at the law firm Mintz Levin.
The Target and MCCCD represent two contrasting approaches on how to handle a security breach. There are striking similarities on what took place and significant difference on how the companies handled the situation.
So far, the Target Board of Directors has looked at risks and taken action to protect their company. They have chosen transparency and a clean slate as they move forward. In contrast, the MCCCD Governing Board has taken no action. It has surrounded itself with lawyers. It is breaking several AZ laws according to current lawsuits, keeping the top of the organization intact, blaming employees and stonewalling everyone. Which company would you want to work for? Which company has a better chance to survive?
Here is what they have in common:
- They both had a CEO and CIO (Chancellor and Vice-Chancellor of IT) responsible for the organization