M&S CISO: I have to remind our board that we are going to have data breaches and get hacked

By Sooraj Shah
01 Jul 2014 View Comments
matt-denny

The head of information security and compliance at retailer Marks & Spencer (M&S), Matt Denny, has claimed that he has to remind his board that the company will suffer data breaches and will get hacked, because all companies suffer from cyber-attacks.

Denny, who was addressing delegates at Computing's Enterprise Security and Risk Management Summit today, said that he has had to try to change the mind-set of the board in terms of security.

Further reading

He also stated that he has a good working relationship with M&S's CIO Darrell Stein, who is to step down from his role this summer.

"I have a very supportive CIO; [when it comes to budget] I sort him out and he sorts me out," he said.

In his presentation, Denny explained that when M&S had hired him, the firm hadn't dealt with information security as it does today. Instead he was launched into what he joked was a "Here be dragons" type situation. 

His team was made up of some permanent employees and contractors, but Denny suggested that he needed a team of specialists, all in-house.

"So on day one I sat down with my team and had 45-minute one-to-one interviews with them, and it took until the middle of the day before I found someone who I could say was ready for a security career," he said.

Many of the team that Denny did settle with did not have any experience in the information security field and had to be trained. He believes the investment in training and time with the employees has meant that there hasn't been a huge turnover in staff. Only two people have left - one had been made redundant, and the other moved to another division.

"Anyone that we wanted to stay has stayed here," he said.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

22 %
49 %
13 %
16 %