Defining Leadership - Two CEO Titan's Talk Leadership in 1 Minute
An Absolute Must Watch 1 Minute Video

At a gala on Thursday to celebrate CNBC's 25th anniversary, J. Crew CEO Mickey Drexler and Under Armour CEO Kevin Plank shared their thoughts about leadership and competition.

J. Crew's Mickey Drexler:

"I define leadership as: Emotionally you own your business. You own it with passion. And you either have or you don't have an economic investment. But when you have all three of those, you are the boss from Day One, and you care every single day more than anyone. And you have to build a team, but someone's got to lead, and someone's got to be unpopular at times."

Under Armour's Kevin Plank:

"Let me be clear, we really don't like anyone we compete with, and not in, like, a bad way. And I think people that are outside of it, and they sort of look and go, 'How's it going in sporting goods?' I don't call them and send them Christmas cards." cnbc.com

Editor's Note: Understanding they're talking about it from their perspective and level you've got to take what they're saying and translate it to your own level and position, as it's bare bones - simple - and absolutely represents the core of their beliefs and actions.

Sponsored by Protection 1
 

Target elevates - separates & gives 'corporate security' a seat at the table
With last week's appointment of Jacqueline Hourigan Rice as senior VP, chief risk and compliance officer with corporate security and its suppliers as part of her responsibility, Target has sent a clear message that corporate security has become such a significant exposure and is so critically important, that it warrants a seat right next to the CEO. Last year's data breach drove them to create and fill a new chief information security officer's (CISO) position this past June, who by the way came from the same company, GM, that Rice came from. So the breach isn't necessarily the driving force behind this new job but it is a part of it. This "elevation" and separation from the traditional Asset Protection pyramid head was driven by six primary factors: technology, the Foreign Corruption Practices Act (FCPA), the insider threat, third party (vendor) compliance, the increase in Active Shooters, and the need to send the message to the legal community, wall street, and the SEC that Target's CEO is directly connected to corporate security. A theme that will become a trend in the entire retail industry. Interesting though how they didn't appoint a chief security officer (CSO) but yet elected to create and give the responsibilities to a chief risk and compliance officer (CRCO). Just a thought.

Heads Up - LinkedIn's 'Reference Search' Cost Executive His Job - 4 Executives Suing LinkedIn - A Reference List You Didn't Write  Four people are suing LinkedIn, contending that one of the site's networking features cost them job opportunities. The LinkedIn service in question is called "Reference Search." It is available only to premium account holders, who pay a monthly fee. An employer or recruiter can use it to generate a list of people in its own network who worked at the same company at the same time as a job candidate. It also allows premium members to use the site's messaging system to contact people who appear on those lists, without notifying a job candidate. LinkedIn, in providing the job reference material, enabled potential employers to "anonymously dig into the employment history of any LinkedIn member, and make hiring and firing decisions based upon the information they gather," without ensuring that the information was accurate. This, they said, is a violation of the Fair Credit Reporting Act. Whatever the suit's merits, the case illustrates how social media sites have become an essential tool for many employers and recruiters, a productive fish bowl in which to trawl for, identify, observe and vet job candidates. It also suggests that many job seekers may be unaware of the techniques a company can use to parse the information they have publicly posted online - with possible consequences for their career prospects. The legislators who enacted the Fair Credit Reporting Act of 1970 did not anticipate social media. Today, it is standard practice for employers and job recruiters themselves to scour social media to identify job candidates. But the situation becomes more complicated when they hire outside firms to compile reports on potential employees. Over the last few years, federal regulators have been looking into online intelligence brokers that compile dossiers on consumers that could be used to disqualify someone from being hired - a practice industry professionals refer to as "knockout" screening. In an interview last week, Julie Brill, a member of the F.T.C., said: "We have made clear that the F.C.R.A. applies to services offered over the Internet and mobile apps." The suit against LinkedIn contends that the law should apply to its reference lists. Editors Note: Interesting case to watch long term. nytimes.com

Data Breaches at Home Depot and Target Both Caused By Theft of Credentials From Third-Party Vendors  While these situations have everything to do with cybersecurity, the elephant in the room that is yet to be adequately addressed is third-party risk: How can you implement appropriate cybersecurity if you have no idea that your third parties even have access to your IT systems? Dickinson and Flynn can discuss how companies need to gain visibility into who their third parties are and what business services they provide before they can manage the risks associated with specific threats. businesswire.com

On the Hunt for Hackers, but Not the Spotlight - The 'Dark Web's' UC - You May want to know who this guy is - You may need him sometime  Lawrence Baldwin is a dark hero of the Internet whom you have probably never heard of - and for good reason. A decade ago, Mr. Baldwin made a name for himself and his Atlanta-based security firm, myNetWatchman, by collecting and analyzing digital scourges like malware, and alerting companies to them. He was a fixture on the security conference circuit and was often quoted in the press about security threats. And then he seemed to disappear. Beyond a bare-bones website and a LinkedIn profile where his only listed interest is "chasing down cybercriminals and smacking them upside the head," Mr. Baldwin largely vanished from the web. Yet Mr. Baldwin is well known to a number of large United States banks and financial institutions that have turned to him for help in combating increasingly sophisticated hacking attacks. For the past seven years, several security consultants and former law enforcement personnel say, Mr. Baldwin has immersed himself in the so-called dark web, using what most describe as unorthodox methods to gather intelligence about online financial crime. Mr. Baldwin, 49, says that he is able to closely monitor many of the criminals who he says have made "hundreds of millions of dollars" hacking into American banks and corporations. Another described his work as "very cloak and dagger." All agree that the intelligence he provides is very effective. "I would take his intelligence over anyone else's any day of the week," another said. "Baldwin stands out because he provides actionable intelligence," said Avivah Litan, a security analyst with Gartner, the research firm. "It's exact, it's original and he barely charges for it, whereas other firms repackage intelligence from many sources." Lawrence Baldwin says "I'm not a press hound," he said. "There are serious personal safety issues to consider." nytimes.com

Retail's UFC Title Bout - Family Dollar & Dollar Tree VS. Dollar General - Dec. 30th
Dollar Tree Certifies Substantial Compliance with FTC's Second Request under HSR Act  Dollar Tree, Inc announced that, as planned, it has certified substantial compliance with the Request for Additional Information and Documentary Materials ("Second Request") issued by the Federal Trade Commission ("FTC") on September 8, 2014, regarding its proposed acquisition ("Proposed Merger") of Family Dollar Stores, Inc. ("Family Dollar"). Dollar Tree and Family Dollar have agreed not to close the Proposed Merger prior to December 30, 2014, unless the FTC completes its review of the Proposed Merger and terminates the waiting period at an earlier date. Editor's Note: With literally tens of thousands in attendance, this Dec. 30th match will impact hundreds if not thousands of jobs and change the retail landscape forever. Certainly it'll impact dozens of LP jobs. With Dollar General not going out quietly it's going to be interesting to see the next move if there is one. So far they've been unable to accumulate enough tenders to make a difference. businesswire.com

Big Freeze Coming For 200M This Week - Deep Freeze - Deep Push Online - More Bad News For Stores - Store Closures?  With a polar vortex coming and hanging around until mid-month we could see bad November store sales. With store closings, travel coming to a screeching halt, and shoppers house bound. Not good news for the nations retailers. Merchandise stalled on the West Coast ports, airfreight and trucks slowed, this early winter storm could wreak havoc on the already disappointing sales trends. Get ready for your store closings because here comes Mother Nature.  upi.com

U.S. Seizes 400 'Dark Market' Websites Selling Illegal Goods - Stolen Credit Cards - 17 Arrested  U.S. federal law enforcement, working with agencies in about 16 countries, said Friday they seized more than 400 so-called "dark market" websites offering illegal goods on the Tor network. The websites seized by law enforcement sold an array of illegal goods, including drugs, stolen credit cards, fake identity documents and weapons. The operation took down more than 400 Tor website addresses, as well as the servers using them. wsj.com

Watch Out America, Here Comes Dublin-born Primark with first store in Boston - They'll be building a new LP Department - Here comes some new jobs  If you've never been inside a Primark store, they are truly a force of nature. Extremely low prices and extremely fast fashion create a shopping frenzy among European consumers. There are individual Primark locations that do in excess of $200 million a year. Given Primark's market segment—low priced clothing—the number of units the retailer pushes through the doors is truly staggering. We expect Primark to have the same type of success in the United States as it does in Europe. Low prices and fast fashion are a formula that seems to translate well across countries. The success of H&M and Uniqlo here is evidence of this and Primark would take the low price proposition to yet another degree. Editor's note: They'll need a Loss Prevention program and senior LP leader quickly enough! Keep an eye out on this one. nreionline.com

Open, Close: Target Shutters As Many Store As It Opens - 19 This year alone in U.S.  If you haven't noticed, Target been closing more and more stores. And the retailer just announced that by February it will close 11 more underperforming stores. This will come just about six months after it closed eight other sites. In all, the chain will have shuttered 19. But what is unusual, this is also the same number of stores the retailer opened last year, according to its annual report. madamenoire.com

Retailers Stop Reporting Monthly Sales Numbers - Stock Market Overreacts
Years ago you could rely on the monthly numbers coming out to gauge the retail trends and individual performance. But the trend now is to report only when required by the SEC - Quarterly. Home Depot was the first to stop in 2006 and more and more have followed suite since then. During the recession scores of retailers stopped the practice. Making it difficult for anyone to see any trends at all except for the quarterly reports. Now there's only about a dozen reporting. Retailers' reasons for abandoning monthly sales reports have tended to be that they aren't a relevant measure of performance and that investors are prone to overreact to them. wsj.com

US Bank owes customers $48 million
More than 420,000 customers of US Bank are entitled to money back after the Consumer Financial Protection Bureau ordered the bank to pay $48 million for illegal billing practices. U.S. Bank customers were unfairly charged for identity protection and credit-monitoring services that they didn't receive, bureau officials said. The services were sold as "add-on products" for credit cards and other bank products. In addition to the $48 million due back to customers, U.S. Bank was ordered to pay a $5 million civil penalty to the bureau and a $4 million penalty to the Office of the Comptroller of the Currency. U.S. Bank customers were unfairly charged for identity protection and credit-monitoring services that they didn't receive, bureau officials said. The services were sold as "add-on products" for credit cards and other bank products. In addition to the $48 million due back to customers, U.S. Bank was ordered to pay a $5 million civil penalty to the bureau and a $4 million penalty to the Office of the Comptroller of the Currency. cincinnati.com

This Verbal Confrontation Shows Why Walmart Will Never Accept Apple Pay  Execs from the consortium of retailers called MCX insisted recently that the group's backing of CurrentC - and ban of Apple Pay - had little to do with their issues with credit card fees even though the beta version of the app doesn't accept traditional cards. Instead, they said, MCX was creating CurrentC mainly to craft a system that combined loyalty offers and a mobile payment system in one. But the actions of Mike Cook, Walmart's Assistant Treasurer and one of the masterminds of MCX, tell a different story. At a recent payments conference called Money2020, Cook's public questioning of a top Visa executive made it clear that the credit card debate is alive and well and a big reason why Walmart isn't accepting Apple Pay. Cook stepped to the microphone in the audience during the Q&A session of a panel discussion and made it clear he was as interested in simply making a point as he was in getting an answer to his questions. Earlier in the panel, Visa's Jim McCarthy had mentioned that purchases made in stores using Apple Pay typically qualify for what are called "card-present rates." Merchants pay banks a fee every time a credit card is used for a purchase. Card-present rates are the cheapest category of fees; since the card is being swiped, the thinking has historically been, there is a lower chance of fraud compared to card-not-present transactions where card information has to be manually keyed into the payment device in a store or on a website. Now Cook wanted to know, in effect, why McCarthy was boasting about Apple Pay qualifying for this cheaper transaction rate when card-present transactions are much more common than card-not-present transactions in stores. McCarthy started to answer before Cook cut him off. recode.net

China suspected in US Postal Service hack that exposed data on 800,000 workers The U.S. Postal Service (USPS) revealed Monday that data on its employees may have been compromised in a "cyber intrusion incident." USPS said it recently learned of a data breach affecting the names, dates of birth, Social Security numbers, addresses, employment dates and emergency contact information of up to 800,000 employees. Post office customers who contacted the Postal Service Customer Care Center via telephone or e-mail between Jan. 1 and Aug. 16 may have had their names, addresses, telephone numbers or e-mail addresses compromised, the USPS said, but added there's no evidence to suggest customers' credit card information was stolen or hacked. "The intrusion is limited in scope and all operations of the Postal Service are functioning normally," said USPS media relations manager David Partenheimer in a statement. "We began investigating this incident as soon as we learned of it, and we are cooperating with the investigation, which is ongoing. The investigation is being led by the Federal Bureau of Investigation and joined by other federal and postal investigatory agencies." Employees possibly affected by the data breach have been notified, and will receive credit monitoring services for one year at no charge, USPS said. The mail service did not identify suspects in the investigation, but Partenheimer told the Washington Post that the intruder may be "a sophisticated actor that appears not to be interested in identity theft or credit card fraud." engadget.com

Target testing mobile app CurrentC, hopeful that it can rival Apple Pay

Toys R Us to open 5 p.m. Thanksgiving & remain open until Friday 11 p.m.

Last week's most popular news article --

Target Announces 11 Upcoming Store Closures
Target Corporation today announces that it will close 11 locations as of February 1, 2015. Target guests in the affected markets can continue to expect the same great variety and service at other Target locations and also visit Target.com for their shopping needs. The decision to close a Target store is only made after careful consideration of the long-term financial performance of a particular location. All eligible store team members are being offered the option to transfer to other Target stores. Team members who choose not to transfer will be offered a separation package. target.com
 

All the News - One Place - One Source - One Time
The D&D Daily respects your time & doesn't filter retail's reality
 

Justice & Brothers Stores Loss Prevention Team

"LP - Your Profit Protection Professionals"



Sponsored by:

*In order to get your printed plaque, make sure that your
photograph and logo is 6 inches wide at 300dpi! Keep those selfies coming!
 

More Than 400 .Onion Addresses, Including Dozens of 'Dark Market' Sites, Targeted as Part of Global Enforcement Action on Tor Network

The "dark market" websites were designed to facilitate illicit commerce by providing anonymity to users. The sites were only accessible to users of the Tor anonymizing network. The sites also accepted payments for their illicit goods and services in bitcoin or similar virtual currency designed to be as anonymous. Read the entire FBI press release here fbi.gov
 

PCI and Exception-Based Reporting

While all retailers are now familiar with the Payment Card Industry (PCI) Data Security Standards (DSS), some are still working on how best to protect cardholder data within their exception based reporting (EBR) application. Ultimately, the answer on how this data will be protected may depend on company-wide decisions or chosen protection methods. However, how your company chooses to protect the data may affect your ability to also effectively utilize reporting to detect exceptions.

The most common methods of cardholder data protection currently in use are: Masking, Encrypting, and Hashing. Each of these techniques has its benefits and limitations as they relate to their ability to provide adequate reporting within an EBR application.

Masking
Masking is the method most consumers are familiar with since many retailers, restaurants, etc., began "masking" credit card numbers on receipts, even before PCI-DSS was a requirement. Masking involves "hiding" certain numbers within the credit/debit card number. Businesses that mask credit/debit card numbers can show up to the first 6 digits and the last 4 digits of the number, with all digits in between "masked" (usually shown as "X" on a receipt).

While this method is the easiest to implement, and can provide valuable information for the merchant, it has also been found to be the least "safe" method for protecting cardholder data. Since the majority of credit/debit card numbers most commonly used in the United States consist of 14-16 digits, a hacker need only to identify 4-6 digits in order to obtain a complete, valid credit/debit card number. Research suggests this can be accomplished in a matter of a few hours.

Read more here. 
 

Job Opening

Company

Location

Origination
 

National Account Mgr

Confidential

Northeast

Downing & Downing

Job Opening

Company

Location

Origination

Last week's most popular articles--

Train Your Brain to Think More Clearly
The words you use when you're thinking and expressing your thoughts mold how you see the world. In order to speak more clearly and get the words to come out just right, it takes a lot of training in your brain. Use these tips to hone your word skills. One syllable

3 Cultural Problems that Cause Good Employees to Go Bad  We often tell ourselves that we would never do this bad thing or that bad thing, but are choices are more flexible than we think. Your surroundings have a big influence on the decisions you make. Here are some dangerous cultural issues that could contribute to good people making bad decisions. Lots of pressure