Former Twitter security chief and “executive in residence” at cybersecurity firm Rapid7, Peiter “Mudge” Zatko, has landed a new role with the Cybersecurity and Infrastructure Security Agency (CISA), where he will begin a part-time role as a senior technical adviser.
Zatko first began to gain notoriety as a member of the L0pht hacking collective, when he testified before a Senate committee in 1998 warning the country about security concerns in one of the first congressional cybersecurity hearings. He’s also known as a whistleblower in filing a complaint against Twitter with the Securities and Exchange Commission (SEC), the Justice Department, and the Federal Trade Commission (FTC). It was through this that he alleged that Twitter executives deceived federal regulators and violated terms of a FTC security agreement; again, he testified before the Senate on this matter, last September.
Now he will help enable the Biden administration’s plans to enforce “secure by design” products.
“We need team members with extraordinary expertise to help us identify the right levers and lead the hard conversations,” CISA director Jen Easterly stated. The goal in CISA’s plans, as well as those of the National Cybersecurity Strategy, is for cybersecurity accountability to be upheld by technology vendors rather than business leaders, customers, and security professionals.
“I am honored to formally return to public service and work with CISA on the critical cybersecurity issues we face, including enabling secure-by-design principles to be accessible, measurable, and adopted by government and industry alike,” Zatko wrote in a statement. “I have devoted my life to moving the [cybersecurity] field forward by way of transparency, education, and innovation. I have endeavored to do this irrespective of being in the public sector, private sector, nonprofit, through technical contributions, or in executive and leadership positions. I look forward to continuing my mission to serve everyone the best I can.”