Twitter’s top cybersecurity employee Lea Kissner has left the social media giant.
Kissner announced the move in a tweet on Thursday, saying they made the “difficult decision” to leave Twitter, but did not say why they resigned. Elon Musk completed a $44 billion acquisition of Twitter two weeks ago, resulting in layoffs affecting more than half the company and the departure of top executives, including CEO Parag Agrawal, general counsel Sean Edgett and chief of Legal Policies Vijaya Gadde.
News of Kissner’s departure was first reported by Casey Newton. Twitter’s chief compliance officer and chief privacy officer also resigned Wednesday, Newton said.
It is not immediately clear who is responsible for Twitter’s day-to-day security operations following Kissner’s departure. A Twitter spokesperson did not immediately respond to a request for comment.
Kissner, who previously served as Twitter’s head of privacy engineering, was named Twitter’s chief information security officer (CISO) in January 2022 following the departure of security chief Peiter “Mudge” Zatko and then-CISO Rinki Sethi. Mudge went on to blast federal regulators alleging security mismanagement and lax access controls that put user data at risk.
Twitter is currently under a 2011 settlement with the Federal Trade Commission, which accused Twitter of cybersecurity failures that allowed cybercriminals to access internal systems and user data. The order mandates that Twitter “establish and maintain a comprehensive information security program” that will be audited every decade. It’s not clear how Twitter maintains that compliance with the FTC without a company security direction. An employee said in a company Slack that it was for Twitter engineers to “self-certify” compliance with the FTC.
Earlier this year, Twitter was fined $150 million for violating a 2011 consent decree for misusing email addresses and phone numbers provided by users to set up two-factor authentication for targeted ads.
