1.8 C
London
Monday, February 6, 2023

Cybersecurity expert explains claims Twitter ignored security measures

Must read

Explosion possible after derailment of train carrying hazardous materials in Ohio

As federal investigators tried to figure out why a 150-car train derailed in northeastern Ohio, the state's governor warned late Sunday that unstable temperatures...

The solo GP behind iSeed SEA launches its second fund for Southeast Asia • londonbusinessblog.com

If you follow Southeast Asia finance, you are probably familiar with iSeed SEA. Some of the startups the fund has invested in since...

Measures to address excessive volatility: Sebi on Adani crisis

Sebi said on Saturday that it is committed to ensuring the integrity of the stock market. All necessary regulatory measures have been taken to...

Darcey Silva- Wiki, age, husband, net worth, ethnicity

Darcy Silva first gained fame with the TLC reality TV series "90 Days Fiancé," which follows engaged couples who have 90 days to get...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

Given Twitter’s global presence as a communications platform, other countries, such as Russia and China, may require the company to hire its own government officials as a condition of allowing the company to operate in their country. Zatko’s allegations about Twitter’s internal security raise the possibility that criminals, activists, hostile governments, or their supporters may want to abuse Twitter’s systems and user data by recruiting or blackmailing employees. national security concerns.

Worse, Twitter’s own information about its users, their interests, and who they follow and interact with on the platform can target it for disinformation campaigns, blackmail or other nefarious purposes. Such foreign targets of prominent companies and their employees have been a major concern for counterintelligence in the national security community for decades.

precipitation

Whatever the outcome of Zatko’s complaint to Congress, the SEC, or other federal agencies, it’s already here part of Musk’s latest legal files while trying to forgo his purchase from Twitter.

Ideally, in light of these disclosures, Twitter will take corrective action to improve the company’s cybersecurity systems and practices. A good first step the company could take is to review and restrict who has root access to its systems, source code, and user data to the minimum necessary. The company also needs to ensure that its manufacturing systems remain up-to-date and that it is effectively prepared to deal with any type of emergency without significantly disrupting its global operations.

From a broader perspective, Zatko’s complaint underscores the critical and sometimes inconvenient role cybersecurity plays in modern organizations. Cybersecurity professionals like Zatko understand that no company or government agency likes to publicize cybersecurity issues. They tend to think long and hard about whether and how cybersecurity issues like this can be addressed, and what the possible consequences could be. In this case, Zatko says his revelations reflect “the job he has been hired to do” as chief of security for a social media platform he believes is “critical to democracy”.

For companies like Twitter, bad news about cybersecurity often results in a public relations nightmare that can affect the stock price and their position in the market, not to mention the interest of regulators and lawmakers. For governments, such revelations could lead to a lack of confidence in the institutions created to serve society, as well as potentially distracting political noise.

Unfortunately, the way cybersecurity issues are discovered, disclosed, and handled remains a difficult and sometimes controversial process, with no easy solutions for both cybersecurity professionals and today’s organizations.


Richard Forno is a senior lecturer in computer science and electrical engineering at the University of Maryland, Baltimore County.

This article was republished from The conversation under a Creative Commons license. Read the original article.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Explosion possible after derailment of train carrying hazardous materials in Ohio

As federal investigators tried to figure out why a 150-car train derailed in northeastern Ohio, the state's governor warned late Sunday that unstable temperatures...

The solo GP behind iSeed SEA launches its second fund for Southeast Asia • londonbusinessblog.com

If you follow Southeast Asia finance, you are probably familiar with iSeed SEA. Some of the startups the fund has invested in since...

Measures to address excessive volatility: Sebi on Adani crisis

Sebi said on Saturday that it is committed to ensuring the integrity of the stock market. All necessary regulatory measures have been taken to...

Darcey Silva- Wiki, age, husband, net worth, ethnicity

Darcy Silva first gained fame with the TLC reality TV series "90 Days Fiancé," which follows engaged couples who have 90 days to get...

the future of agrifood technology at evokeᴬᴳ 2023

In just three years, investment in Australian agri-food technology has skyrocketed. With the planet's rapidly growing population, never-ending concerns about the climate and...