In anticipation of the RH-ISAC’s Retail Cyber Intelligence Summit, our team had the opportunity to ask a few questions to Target’s new CISO, Rich Agostino. We wanted to learn more about his approach to strategic leadership, how he is addressing the threat landscape and advice he has for up-and-coming leaders in the industry. Read his thoughts below!
To learn more about stepping into leadership, join Rich and other retail CISOs at the second annual Retail Cyber Intelligence Summit, taking place October 3-4th at the Hyatt Regency in Chicago. Rich is the opening keynote for day two of the conference. He’ll share a presentation on Stepping into Leadership: Staying Ahead of Today’s Threats and the Evolving CISO Role. You can find the agenda and the link to register at summit.RH-ISAC.org.
Here are Rich’s answers to some important questions:
Q: What is unique about security and your role at Target?
A: I have experience working across multiple industries, but what was unique to me when joining Target was the power of the Target brand. Target continually invests in the innovative technology and best-in-class team to create the most secure shopping experience for our guests in stores and online. In retail, we are so close to the guest and are responsible for protecting so many consumers and given the volume we have coming in our stores—it’s a responsibility that we take incredibly seriously.
Q: What should threat analysts trying to advance their career know?
A: The rapid pace of technology innovation and changing threat landscape means you’re never done, there’s always something to learn and somebody on the other end who is trying to outsmart you.
It’s critical for security professionals to understand their business. Threat analysts can’t just rely on collecting intelligence; they need to know how it applies to their company and make it actionable to drive more secure outcomes. Most of the time, security teams need to influence action and that can only happen if you know how to make your updates relevant to the business leaders.
Q: Why is proactive cybersecurity more important than ever?
A: Proactive cybersecurity is essential for any organization that’s serious about security. Companies need to continuously test their detection and response capabilities and their program effectiveness. It’s core to our program at Target, has helped us test our technical capabilities and prioritize projects and provides us the opportunity to test our company’s enterprise response.
###
About Rich Agostino, CISO, Target
Richard Agostino is the senior vice president and chief information security officer at Target Corporation. He has extensive experience in information technology, risk and compliance and driving enterprise security initiatives across large global organizations. In his current role, Agostino is responsible for Target’s Information Security organization, helping to enable Target’s enterprise strategy by protecting the company from security threats, and ensuring a secure shopping experience for our guests in stores and online.
Agostino joined Target in September 2014 as vice president of information security where he played a major role in the advancement of Target’s information risk and security strategy. Prior to Target, he was with General Electric for 12 years where he held various executive roles in information security, technology risk and audit.
Agostino is a member of the PCI Security Standards Council Board of Advisors, where he works alongside his peers to enhance payment security standards. He earned his bachelor’s degree in management information systems from the University of Connecticut and is a Certified Information Systems Auditor.
