security

Former Twitter head of information security claims he was fired after raising concerns about cost cuts at Elon Musk’s company – CNN


Justin Sullivan/Getty Images

The former head of information security for Twitter, now known as X, has accused the company of firing him after he raised concerns about cuts to security systems.


New York
CNN
 — 

The former head of information security at Twitter, now called X, is accusing the company of firing him after he objected to demands by owner Elon Musk and his associates to make cuts to safety systems.

Shortly after Musk’s takeover of Twitter late last year, the billionaire’s leadership team demanded cuts to physical and digital security that threatened to put the company out of compliance with multiple regulatory requirements and posed a “danger to public safety,” according to the complaint filed Tuesday in federal court in New Jersey, on behalf of former Twitter Global Head of Information Security and Technology Alan Rosa.

After Rosa raised concerns about the risks of such cuts, he alleges he was removed from one of his regular duties and then abruptly restricted from company systems and terminated “without notice” and having been given “no reason” for his firing.

Rosa is accusing X of contract violations and unlawful termination. He initially attempted to handle the issue via private arbitration after having signed an arbitration clause, but X refused to engage, according to the complaint.

A spokesperson for X did not immediately respond to a request for comment.

Months before Musk took over Twitter, the company agreed to pay a $150 million penalty after the US government accused it of misleading consumers about how it protects their personal data, in violation of a 2011 privacy settlement with the Federal Trade Commission. Twitter also faced claims last year from a former executive-turned-whistleblower about alleged cybersecurity deficiencies and ongoing non-compliance with the 2011 FTC consent decree.

Readers Also Like:  Trump immigration policies set the tone for most of the GOP ... - Iowa Capital Dispatch

Within days after Musk’s takeover in late October 2022, legal experts raised concerns that the company may have again violated its consent agreement with the FTC if it had failed to submit a required compliance notice to the regulator within 14 days of the ownership change. (The FTC declined to comment at the time.)

The complaint Tuesday from Rosa — who had led information security at the company since January 2022 — offers new insight into the extent of the cuts made by Musk and the new leadership team he brought in following his acquisition.

Shortly after the takeover, Musk laid off 50% of Twitter’s staff. Musk also hired Steve Davis, head of Musk’s Boring Company, to work as a “high-level advisor” at Twitter and take over leadership of some departments, according to the complaint. (The Boring Company did not immediately respond to a request for comment from Davis.)

“Davis, like Musk, was dismissive of the Twitter FTC Consent Decree and began cutting Twitter’s products and services that supported and complied with the Twitter FTC Consent Decree,” the complaint states.

For example, Davis allegedly “did not want to pay” for the company’s vulnerability management software or its ethical hacking program, both of which were “necessary” to comply with the FTC agreement. Davis also directed Rosa to shut down the software systems through which Twitter shared time-sensitive, important information with law enforcement entities, a potential violation of the European Union’s Digital Services Act, the complaint states.

Days later, Davis allegedly directed Rosa to cut Twitter’s physical security budget by 50% within hours.

Readers Also Like:  Israel trusts India, comfortable sharing security secrets: Minister Nir Barkat - Hindustan Times

“Plaintiff immediately objected to participating in such activity, as he had a reasonable belief that such an immediate budget cut, after already cutting the budget by 50%, would put the physical building at risk of violating a Court Order … and it posed a substantial danger to public safety,” the complaint states.

After Rosa objected, Davis allegedly removed his oversight of the physical security team; five days later, Rosa learned he’d been terminated when his access to company systems was removed without notice.

With the lawsuit, Rosa is seeking to be paid his severance, as well as a $200,000 bonus, more than $300,000 in vested equity compensation and other benefits — money he claims he was denied after the company began what the complaint calls a “sham investigation” regarding his conduct while he was employed.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.