Dive Brief:
- Twitter, after struggling to manage several high-profile cyberattacks and disinformation controversies in recent months, has tapped famed hacker Peiter Zatko to join the social media giant in the newly created position of head of security, according to Reuters.
- Zatko, widely known by his online handle "Mudge," will report directly to Twitter CEO Jack Dorsey and have broad authority to examine everything from information security and platform security to engineering and other key functions. Zatko, who previously led security at payments platform Stripe, is known for his early leadership in a hacking group that targeted Microsoft and his work with the Pentagon's Defense Advanced Research Projects Agency.
- The social media platform is recovering from a series of incidents, including a July attack where hackers gained access to the accounts of several high-profile public figures, including Microsoft co-founder Bill Gates, rap superstar Kanye West, Tesla CEO Elon Musk and then-presidential candidate Joe Biden.
Dive Insight:
The move to hire Zatko was widely hailed by cybersecurity analysts and seen as a bold step by Twitter to regain control over the social media platform. The platform has also been used to spread disinformation related to the 2020 presidential campaign.
Industry veterans say Zatko's hiring is a serious and well-thought-out decision, and not just a showcase marketing ploy to shift the narrative.
"To wax rhapsodic, I think Mudge is a good hire for Twitter, because the security issues are macro and micro," Doug Britton, CTO at RunSafe Security, said in an email. "In many respects, they've become part of the central nervous system of modern social communications."
The challenge is not just about keeping the attackers away from Twitter, but how did Twitter "become an unwitting accomplice to violence, misinformation, oppression, hacker communication, espionage and sex trafficking," Britton said. To combat that kind of risk, you need a thinker who can remain two or three moves ahead of the adversary.
"My take is that he remains one of the best security minds on the planet today — and Dorsey bringing him [in] speaks well for their focus on security as they emerge from the 2020 season, and not a marketing move," Kevin O'Brien, co-founder and CEO of cybersecurity firm GreatHorn, said in an email.
O'Brien has a close-up view of Zatko, having worked with him about two decades ago at iconic security firm @stake. The firm was later acquired by Symantec in 2004.
"Twitter has been facing a wide range of threats as it has both been recognized for having significant influence socially, as well as for its more political angle on the outcome of the election and marking of certain tweets for containing falsehoods," O'Brien said. "Given the social importance of social media, having Mudge heading up the security focus for Twitter is a significant step forward."
The addition of Zatko is not the only security appointment Twitter made this year. In September, Twitter hired Rinki Sethi, the former CISO at cloud data management firm Rubrik, as its new VP and CISO, part of an initial effort to restore security and privacy guardrails at the social media platform following the July attacks.