How is it not the responsibility of senior management at a major retailer to ensure an exploit at a vendor can't take the whole house of cards down?
Many other major enterprise clients out there are all over vendor security/compliance ... auditing and reauditing vendors to minimise chance of this happening or worst-case, if does happen, containing it and recoverying quickly
>How is it not the responsibility of senior management at a major retailer to ensure an exploit at a vendor can't take the whole house of cards down?
I think you may be misunderstanding their organisation layout - his job is entirely to do with the quality of the products that they offer (and he's very good at it). He's nothing to with sales or online or any of that, but part of the 'normal' retail chain that people would never think goes anywhere this stuff. But their systems were all taken out because of this.
How is it not the responsibility of senior management at a major retailer to ensure an exploit at a vendor can't take the whole house of cards down?
Many other major enterprise clients out there are all over vendor security/compliance ... auditing and reauditing vendors to minimise chance of this happening or worst-case, if does happen, containing it and recoverying quickly