Author of the article:
Article content
Twitter’s former chief information security officer (CISO) made a series of serious allegations against his former employer in his testimony before the US Congress, including allegations that foreign agents from India and China worked for the company and that executives Twitter misleads public and regulators over data. safety.
“First, they don’t know what data they have, where they live, or where they came from, and so, surprisingly, they can’t protect it,” Peiter Zatko told the Senate Judiciary Committee on Tuesday. “This leads to the second problem: employees need to have a lot of access to a lot of data in a lot of systems.”
Advertising 2
Article content
Article content
He joined the company in November 2020. Twitter says he was fired in January for “ineffective leadership and poor performance.”
Zatko was quoted by SC Media as saying that Twitter’s data infrastructure is so decentralized that even management does not know all the data the company collects or where it is stored. When he brought these concerns to Twitter’s leadership, he claimed that their incentive structure led them to prioritize “profits over security.”
News site The Record quoted him as saying that roughly half of Twitter’s employees are engineers who have extensive hands-on access to the company’s systems. However, these systems often lack logging capabilities, so it can be difficult to track if someone — such as an agent of a foreign government — inappropriately accesses the information.
Advertisement 3
Article content
Several news agencies noted that Twitter has been under a consent decree with the US Federal Trade Commission since 2011 due to several data security incidents. As recently as May, Twitter settled a civil complaint with the agency that accused the company of violating that order by collecting users’ phone numbers for account security purposes, then using them to target ads. The company agreed to pay a $150 million fine.
In response to the allegations, Agence France Press and others noted that in a statement, Twitter said its hiring process is “independent of any foreign influence” and access to data is managed through a number of measures, including background checks, access controls and monitoring and detection systems and processes.
Advertisement 4
Article content
Reuters news agency noted that many of the allegations are unconfirmed and have little documentary support.
Zatko was determined. “It is not idle to say that one employee in the company can take over the accounts of all the senators in this chamber,” he was quoted as saying. “Given the real harm to users and national security, I decided it was necessary to take on the professional and personal risk to myself and my family to become a whistleblower.
The testimony comes as the US House of Representatives grapples with a bipartisan federal privacy bill.
The post Twitter can’t protect user data, ex-CISO claims appeared first on IT World Canada.
The post Twitter can’t protect user data, ex-CISO claims appeared first on IT World Canada.
This section is powered by IT World Canada. ITWC covers the spectrum of enterprise IT, providing news and information for IT professionals aiming to succeed in the Canadian market.
