Target CIO Mike McNamara is beefing up his IT team to shift more of its operations in house. McNamara called the retailer’s outsourcing of almost half its IT team to third parties “unhealthy” in a Wall Street Journal interview.
After some initial IT lay-offs in August, the retailer is now hiring 500 people in the U.S. and another 500 at its IT facility in Bangalore, India, to improve its mobile and online platforms and its Agile software methodologies.
Although the massive 2013 data breach that hobbled Target and is still getting sorted out in court was due to an HVAC and not an IT vendor, third party vendors are often the source of data mishaps that can be exacerbated when IT operations are farmed out to other companies.
Retailers that are the most advanced in terms of cybersecurity, and the most cognizant of the impact of third and even fourth parties on their own security, are those that have moved responsibility for the issue to the top, Stephen Boyer, co-founder and CTO of BitSight, told Retail Dive.
“You have to have high level executive involvement because that opens up the budget and the resources,” Boyer says. “It’s not going to have the impact if it rests with the IT group. They can’t do more with less. The security performance is really a byproduct the culture — they set the tone high up, and they set the budget, and that’s where we’re seeing the attitude change.”
Target has apparently taken that to heart as McNamara, who arrived at the retailer in February, brings more of the IT team — and responsibility — in house.
As Target concentrates its IT team in Minneapolis, the retailer will still have plenty of third-party vendors with their own tech operations. That means more checks on more vendors and establishing relationships with vendors that include regular communication about security.
“You don’t want these to be adversarial relationships,” Boyer says. But “it only takes one gap, it only takes one hole. You can have a lot of locked doors but — one window’s open and you have a problem.”
This isn’t all about security, of course. E-commerce is an essential part of retail, and Target is among those, like Nordstrom, Macy’s, and Wal-Mart, that seem determined to ensure that customers can shop in stores and online as seamlessly as possible, with marketing, sales, and fulfillment smooth everywhere.
“Strategic use of technology to make the supply chain more efficient and cut the time getting products to customers can boost Target’s market advantage against other retailers," Mr. McNamara told the Journal. “If you can get advantage through shorter lead times, you don’t want a third-party provider sending it to Retailer B down the road.”