Twitter chief information security officer Lea Kissner departs

Twitter’s most senior cybersecurity staffer Lea Kissner has departed the social media giant.

Kissner announced the move in a tweet on Thursday, saying they made the “hard decision” to leave Twitter, but did not say for what reason they resigned. Elon Musk completed toptechtrends.com/2022/10/27/elon-musk-bought-twitter/”>a $44 billion takeover of Twitter two weeks ago, resulting in toptechtrends.com/2022/11/07/after-laying-off-half-of-its-staff-twitter-might-be-asking-some-employees-to-come-back/”>layoffs affecting more than half of the company and toptechtrends.com/2022/10/27/elon-musk-fired-top-twitter-execs-including-ceo-reports-say/”>the departure of senior executives, including CEO Parag Agrawal, general counsel Sean Edgett, and legal policy chief Vijaya Gadde.

News of Kissner’s departure was first reported by Casey Newton. Twitter’s chief compliance officer and chief privacy officer also resigned on Wednesday, Newton said.

It’s not immediately clear who is responsible for Twitter’s day-to-day security operations following Kissner’s departure. A spokesperson for Twitter did not immediately respond to a request for comment.

Kissner, who previously served as Twitter’s head of privacy engineering, was appointed Twitter’s chief information security officer (CISO) in January 2022 following the departure of security head Peiter “Mudge” Zatko and toptechtrends.com/2020/09/30/twitter-ciso-rinki-sethi/”>then-CISO Rinki Sethi. Mudge went on to toptechtrends.com/2022/09/13/twitter-whistleblower-mudge-congress/”>blow the whistle to federal regulators claiming security mismanagement and lax access controls that put users’ data at risk.

Twitter is currently under a 2011 agreement with the Federal Trade Commission which accused Twitter of cybersecurity failings that allowed cybercriminals to access internal systems and user data. The decree mandates that Twitter “establish and maintain a comprehensive information security program” to be audited every decade. It’s not clear how Twitter maintains that compliance with the FTC without a company security lead in place. One employee said in a company Slack that it was for Twitter engineers to “self-certify” compliance with the FTC.

Earlier this year, Twitter was toptechtrends.com/2022/05/25/twitter-agrees-to-pay-150m-for-breaking-privacy-promises/”>fined $150 million for violating that 2011 consent decree for misusing email addresses and phone numbers provided by users to set up two-factor authentication toptechtrends.com/2020/08/04/twitter-warns-investors-of-possible-fine-from-ftc-consent-order-probe/”>for targeted advertising.

toptechtrends.com/2022/11/10/twitter-lea-kissner-departs/”>Twitter chief information security officer Lea Kissner departs by toptechtrends.com/author/zack-whittaker/”>Zack Whittaker originally published on toptechtrends.com/”>TechCrunch