Dive Brief:
- Security executive Rinki Sethi joined Twitter as the company's vice president and chief information security officer this week, Nick Tornow, platform leader at Twitter, announced in a Tweet Monday. CISO Mike Convertino departed in December.
- Reporting to Tornow, Sethi will lead the platform's information security, including enterprise and security risk, application security, and detection and response. She will also work with Twitter's privacy and data protection team and provide security updates to employees and the board of directors.
- Most recently, Sethi served as the VP and CISO of cloud data management company Rubrik, Inc., where she protected internal assets and advised on security product innovation. She also held VP of information security roles at IBM and Palo Alto Networks.
Dive Insight:
At Twitter's security helm, Sethi is responsible for a threat landscape that includes the company's 5,200 employees, each of whom can pose a security risk. She joins the company as it recovers from a spear phishing attack this summer.
In July, a social engineering campaign targeted a "small number of employees" and allowed attackers access to Twitter's internal network and support tools, the company said in a blog post detailing the attack.
Attackers leveraged internal support tools to access account support tools, compromising 130 Twitter accounts, including direct messages and Twitter data, according to the announcement.
In a textbook campaign, attackers were able to leverage stolen credentials to escalate platform access, ultimately accessing high-profile accounts, including those of Bill Gates and Elon Musk. Following the incident, Twitter limited internal tool access, which the company said would cause account support and developer platform application delays.
Phishing has become more advanced and attackers are getting more creative, moving beyond malicious links that bait users into clicking. Menlo Security detailed an example of attackers layering credential phishing under visual captchas to target Microsoft Office 365 credentials.
Trust becomes a key concern after the breach. In addition to impacting audience trust, a breach and compromised accounts negatively impact Twitter's reputation and could result in advertising taking a hit, the company said in its Q2 earnings.
"Security doesn't have an end point," Twitter CEO Jack Dorsey said in the July earnings call. "It's a constant iteration to stay steps ahead of adversaries. We fell behind, both in our protections against social engineering of our employees and restrictions on our internal tools."