The Biden administration has employed former Twitter cybersecurity chief Peiter Zatko for a part-time function with the Cybersecurity Infrastructure and Safety Company.
The information, first reported by The Washington Submit on Tuesday, caught my consideration — not as a result of it is surprising essentially, however as a result of it could be a stroke of genius on the federal government’s half.
It’s a crucial time for CISA to rent this specific individual. And on its face, the choice appears to make a complete lot of sense.
Zatko will work with CISA as a senior technical adviser tasked with “push[ing] software program producers to bake safety into their merchandise whereas they’re being developed,” the Submit reported. And CISA Director Jen Easterly confirmed the information on social media.
This was me studying the information:
Zatko is a longtime cybersecurity skilled and former hacker. Chances are you’ll know him because the whistleblower who final yr claimed Twitter executives had ignored a raft of safety points on the firm.
Zatko was fired from Twitter in January 2022, months earlier than Elon Musk took over the corporate. (Twitter has reportedly dealt with its share of safety points below Musk, too.)
Zatko’s claims, which Twitter stated are “riddled with inconsistencies and inaccuracies,” included allegations that 1000’s of Twitter workers had entry to customers’ personal knowledge; that Twitter could have been understating the variety of bots on its platform; and that Twitter could have had overseas brokers on its payroll, leaving customers’ knowledge vulnerable to malicious use by overseas governments.
One other attention-grabbing ripple on this story of Zatko’s hiring at CISA? It locations him at odds with Musk and his allies, who’ve tried (and failed) to show CISA is secretly an anti-conservative censorship company. (Extra on that right here.)
If you need somebody who can speak about cybersecurity in a broad sense, Zatko is succesful, however his expertise at Twitter additionally offers him perception into the particular cybersecurity points confronting massive social media firms and the international locations the place they function. And that experience appears very important, given the unlucky indisputable fact that these firms’ affect solely appears to develop by the day.
