Hackers are putting top technology executives under severe pressure. And last week's sudden departure of Target's chief information officer in the wake of the company's massive pre-Christmas data breach has only ratcheted up the stress.
Years ago, the job of CIOs focused mainly on the upkeep of computer systems. In their largely behind-the-scenes roles, most of their major decisions centered on the kinds of technological innovations a company would adopt, when and how much to pay for systems upgrades, and the creation and maintenance of company websites.
But the rise of computer crime in recent years changed the job description. At the same time, the surging use of personal smartphones and tablets in business settings has given CIOs even more technology to manage, along with countless new points of entry for hackers to breach their systems.
Cyber-attacks were on the rise long before Target's news that hackers had stolen 40 million debit and credit card numbers, plus the personal information belonging to as many as 70 million people. But for a host of companies, the Target breach was a pivotal event that permanently altered the way they approach data security. Many CIOs say they're receiving more support, but they say the trade-off is that they're facing increased scrutiny from their CEOs and other executives. If their fortress walls fall to hackers, their jobs will be on the line.
Ken Grady, CIO of life sciences company New England BioLabs Inc., says the increased attention to data security has been a good thing for him. It has prompted much needed support from colleagues. But that backing comes at a cost.
"If I have a breach in spite of all that, I need to be able to say that we did everything we could to prevent it," Grady says. "If I can't do that, then it would have a negative effect on me."
Analysts believe the Target data theft couldn't have had a positive effect on Beth Jacob, who had served as the company's CIO since 2008. Target said last week that Jacob's resignation was her decision, but analysts say Jacob took the fall amid a slew of bad publicity for the Minneapolis-based company.
Tim Scannell, director of strategic content for the CIO Executive Council trade group, says companies have come to realize the importance of security. The result: boosted budgets and staffing increases. According to a recent survey by the council, computer security executives say they expect an average increase of 8 percent in their budgets this year.
Cybersecurity was a hot topic at the recent RSA tech security conference in San Francisco. Daniel Ives, an analyst for FBR Capital Markets, estimates that businesses around the world will spend $30 billion to $40 billion this year on cybersecurity. He says that while retailers, financial and health care companies have the most to lose in the event of a cyber-attack, any company that uses mobile phones or puts customer data on its networks is at risk.
"Getting on the cover of The Wall Street Journal in some cyber-attack is a CIO's worst nightmare," Ives says. "They're the bodyguard and the linchpins of the companies they work for more today than ever before, because of the amount of data that's out there."
Mark Popolano, CIO of ProSight Specialty Insurance, agrees. His company's commercial insurance business is all about weighing risks against costs. "If you want to spend an infinite amount of money on security, you can," he says. "But the government does, and they're not 100 percent foolproof."