Exclusive Interview: Heartland's Bob Carr

Credit EligibleAs a BankInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking. Click For More Info

Eighteen months ago, when the Heartland Payment Systems data breach first hit the news, Heartland CEO Bob Carr knew exactly where to turn - to Tylenol.

Specifically, Carr sought counsel from the former CEO of Johnson & Johnson, manufacturer of Tylenol, to inquire what his company did to get through the 1982 disaster in which seven people died after bottles of the pain reliever were laced with poison. Tylenol went on to become a leader in tamper-resistant packaging, and Johnson & Johnson went down in business history as a model of crisis management.

The Heartland data breach, announced on Inauguration Day 2009, was orchestrated by organized cyber criminals and impacted an estimated 130 million credit/debit cards -- the largest such incident ever reported.

"I just couldn't believe it happened to us, of all companies," says Carr, reflecting on the Heartland breach in an exclusive interview. "We were so focused on security at all times."

With advice from his management team, attorneys, law enforcement - and, yes, the former CEO of Johnson & Johnson - Carr responded to the breach with openness and action.

"Our approach was: Be candid about this; tell the truth," Carr says. "Then because of this - not because we wanted it, that's for sure - I was basically handed a microphone, and I used that microphone to talk to our industry about fixing the root cause of the problem of weak security in our industry."

Click to Get Updates on the Latest Information Security News

Company* Title* Email* Subscription Type: HTML Text Healthcare Enews General Healthcare Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Government Enews General Government Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Banking Enews General Banking Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Credit Union Enews General Credit Union Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Need Help?

In this interview, Carr talks about leadership at a time of crisis, discussing:

• How he pulled together his incident response strategy;
• Lessons learned - what worked and what didn't;
• Advice for other business leaders in times of crisis.

"Don't blame other people," is Carr's first word of advice. "Communicate openly with employees and customers. Be transparent. And tackle the major causes of the problem - that's the #1 thing we did that helped us get through this."

And years from now, if another CEO tracks down Carr to seek his counsel for how to respond to a disaster of Heartland proportions, he knows exactly what he'll say. "The Tylenol model does work," he says. "This wasn't our invention, this [crisis management] concept. It was Johnson & Johnson's, and my hat's off to that company."

Hear the entire interview with Heartland Payment Systems CEO Bob Carr.