News

Crocs appoints SVP of global merchandising

BY CSA STAFF

Crocs has appointed footwear industry and product merchant leader Michelle Poole as SVP of global merchandising, a newly created role, reporting directly to president Andrew Rees.

Poole, who starts her new role Aug. 25, will be based out of the Product Creation and Global Shared Services Center in Niwot, Colorado.

"We are excited to welcome such an experienced and dynamic footwear leader to the Crocs management team," said Rees. "We look forward to Michelle's influence on our future product lines, as she helps us develop and execute more powerful and cohesive global brand stories to delight consumers worldwide."

Poole has more than 20 years of experience developing leading global fashion and lifestyle brands. Prior to joining Crocs, Poole spent five years at Sperry Top-Sider, where she was most recently the company's SVP of product. In this role, Poole was responsible for the creation and implementation of the global product strategy and led several key initiatives, including the launch of a year-round women's business and collaborated on the launch of specialty retail stores and sperrytopsider.com. Poole's footwear industry experience also includes brand-building roles at Timberland and Converse.

Poole received her bachelor's degree in fashion marketing from the University of Northumbria.

"I'm looking forward to joining the energetic and fun team at Crocs," said Poole. "The brand already has an iconic legacy with its core products and a powerful connection to consumers, and I'm excited to help build on this success."

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...
News

Aaron’s CFO to serve as interim CEO

BY CSA STAFF

Aaron's has tapped EVP and CFO Gilbert L. Danielson as interim CEO, effective following the previously announced retirement of Ronald W. Allen August 31.

The company announced Allen’s intentions to retire just under two weeks after posting disappointing second-quarter results.

While Danielson serves as interim CEO, he will also retain his CFO responsibilities during the interim period and will not be a candidate for the permanent CEO role. The board is working with Spencer Stuart, a leading executive recruiting firm, to assist in the process of identifying Allen's successor. The search process includes a review of both internal and external candidates.

Steve Michaels, president, will continue to implement the company’s plan to improve its core business by generating same-store revenue growth, enhancing its online platform, driving cost efficiencies, moderating new store growth and strengthening the franchise network.

“We are fortunate to have such a seasoned executive in Gil to step into this role on an interim basis while the board continues its search process,” Ray Robinson, chairman of Aaron's board of directors, said. “Having served as the company's CFO for more than 24 years, we are more than confident in Gil's abilities to lead Aaron's during this period and ensure a smooth leadership transition for the benefit of all our stakeholders.”

“I am honored to take on the role of interim CEO at this important time in Aaron's history,” Danielson said. “I am excited to continue to work closely with the board, senior leadership team and Aaron's dedicated and hard-working employees and franchisees as we strive to achieve our business objectives and continue to drive improved results for shareholders.”

Danielson has been CFO at Aaron's since 1990 and its EVP since 1998. Danielson served as VP of finance at Aaron's from 1990 to 1998. He has more than 20 years of experience as an officer and a director of Aaron's. Danielson served as a director of Servidyne (formerly known as Abrams Industries Inc.) from 2000 to 2011.

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...
News

Three Steps Retailers Should Take to Protect Against Backoff Malware

BY CSA STAFF

By Deena Coffman, IDT911 Consulting

Retailers working to improve their security posture have a new threat to consider: Backoff malware. Although its appearances have been traced back as early as October 2013, Backoff is still inflicting harm in the retail sector by actively targeting point-of-sale systems, and the United State is its favorite target, according to TrendMicro’s analysis.

The malware relies heavily on remote desktop tools to gain access to deep-level assets. Needing an initial entry point on just one computer on the network, which happens easily when employees browse the Internet, Backoff takes up residence when an employee clicks on infected links in phishing emails or visits compromised websites. Either way, Backoff is quietly downloaded inside the enterprise network, and quickly goes to work.

Once Backoff has entered a computer, it launches a brute force attack designed to discover the password for installed remote desktop tools. (Many variants of Backoff contain a keystroke logger, which can also capture account credentials.) Some of the most popular enterprise-level remote desktop programs may be vulnerable to Backoff, including platforms offered by Apple, Microsoft and Google. With the remote desktop software compromised, Backoff is then able to go after higher-value targets within and across the network. POS systems—full of tantalizing payment card data—are Backoff’s primary collection and exfiltration objectives.

Because Backoff captures keystrokes and information in volatile memory, it evades the defenses that come with PCI compliance as it captures customer and track data from areas other than encrypted storage areas. Backoff is able to maintain a presence even if it crashes or is forcibly stopped, and until fairly recently, it was unable to be detected by anti-virus protections. At least 600 U.S. retailers have reportedly been infected so far.

How Backoff will affect the retail landscape

For organizations with large geographic footprints, what may begin as a relatively contained breach can quickly escalate to a situation that impacts sales across the entire store portfolio. The full scope of threats posed by Backoff are still emerging. In fact, it would be unwise to assume Backoff is being used to its full potential.

Three tips for protecting your organization from Backoff

Approaching data security from several angles, also known as “defense in depth,” is the best strategy. Just a few recommended measures include:

1. Implement defensive measures. Train employees how to browse the Internet and to avoid phishing and pharming. Limit administrative privileges and configure account lockout so that brute force attacks on account credentials trigger an account to be locked. Alert on this event and look into events that appear on the reports. Keep antivirus and antimalware software up to date.

2. Consider implementing multifactor or at least two-step authentication for accounts with access to sensitive or protected information.

3. Carry out a security assessment to determine where existing systems may have security weaknesses that may be vulnerable to Backoff or areas where malware such as Backoff has already gained entry. Examine all remote access connections and firewalls and change default account credentials and settings. Keep sensitive data segregated from operational information that is likely accessed frequently and by wide groups of users.

What to do if you have a breach

Mounting an effective and expedient response to a breach is crucial. Not only will it help to stop the attack and prevent additional consumer data from being stolen, it’s also instrumental in minimizing the reputational harm that can befall a compromised retailer.

• Partner with an experienced incident response team to determine what happened, eradicate the malware and restore operations. In the case of something as stubborn as Backoff—where the threat is specifically designed to resist attempts to scrub it from the system—it’s crucial that all instances of the malware be correctly and completely removed to prevent additional exposures.

• Set up a call center to keep affected customers and employees informed. This helps to reassure the employees and customers that they are receiving accurate and authentic information about the breach, and it gives your organization the opportunity to maintain tight control over all public-facing communications.

• Because employees are a crucial component in protecting against Backoff, it’s prudent to examine the organization’s current security training and awareness program. Training and communication should be current, periodic and tailored to the role of the employees receiving the communication or training. One-size-fits all, online training delivered once a year is not enough to train an entire workforce on such an important and dynamic protocol.

Deena Coffman is CEO of IDT911 Consulting, a subsidiary of IDT911, a leading consultative provider of identity and data risk management, resolution and education services. IDT911 Consulting provides information security and data privacy services to help businesses avert or respond to a data loss incident. She can be reached at [email protected].


More Web Exclusives/Guest Commentaries

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...