Skip to content

Search the site

Twitter CISO Lea Kissner resigns

“I've loved this job and we got *so* much done, but here we are"

Twitter CISO Dr Lea Kissner has resigned, as turmoil at the company continues.

They announced the decision today. It comes as sweeping layoffs hit the company’s security and privacy teams.

Dr Kissner told followers: “I've made the hard decision to leave Twitter. I've had the opportunity to work with amazing people and I'm so proud of the privacy, security, and IT teams and the work we've done.”

They added: “I'm looking forward to figuring out what's next, starting with my reviews for @USENIXSecurity” – adding to followers that “I've loved this job and we got *so* much done, but here we are.”

Their resignation comes as major brands and advertisers were scrambling to reassure customers that osts from fake accounts carrying the blue check -- previously known as confirmation of an authentic and verified account and now just showing someone has paid $8 for it -- were not remotely legitimate. The $20 billion+ revenue company Eli Lilly was forced to clarify that this message was not true via its offical account, saying "We apologize to those who have been served a misleading message from a fake Lilly account. Our official Twitter account is @LillyPad"

They were not the only executive walking out. According to messages shared in Twitter Slack, Twitter’s Chief Privacy Officer and Chief Compliance Officer also resigned last night: One employee said it will be up to engineers to “self-certify compliance with FTC [Federal Trade Commission] requirements and other laws.”

In a rare comment the FTC said: "We are tracking recent developments at Twitter with deep concern. No CEO or company is above the law, and companies must follow our consent decrees."

Former Twitter CISO Dr Lea Kissner
Former Twitter CISO Dr Lea Kissner

Dr Kissner had been CISO at Twitter since January 2022, previously serving as Head of Privacy Engineering.

The Google veteran and respected technologist also previously served as Global Lead of Privacy Technology at Google.

Their resignation comes after a hugely challenging period for the security team at the company.

Twitter faced stark criticism of its controls in public testimony by whistleblower Peiter “Mudge” Zatko.

(Kissner took over after he was fired by then-Twitter CEO Parag Agrawal: i.e. the issues did not happen on their watch as CISO).

Mudge’s testimony cited [pdf] “extreme, egregious deficiencies by Twitter in every area of his mandate including user privacy, digital and physical security, and platform integrity/content moderation.”

Few of these issues are likely to have been positively resolved by the mass layoffs at Twitter under new owner Elon Musk -- some of which happened so fast the company has reportedly scrambled to re-hire critical staff.

One security colleague of the outgoing Twitter CISO days ago noted on LinkedIn earlier this week that “while I was not impacted by the deep layoffs at Twitter, some of the best and brightest privacy engineers on my team and software engineers in our broader privacy org were let go. If you're looking for smart, kind, dedicated people for your technical privacy practice, please share below or reach out to me directly…”

See also: CISOs turn to richer metrics as security training evolves