One of America’s first recognized “white hat” hackers and more recent Twitter whistleblower, Peiter “Mudge” Zatko, has accepted the role of senior technical advisor for the US Cybersecurity and Infrastructure Security Agency (CISA).
CISA director Jen Easterly retweeted the story first reported by The Washington Post Tuesday.
“SUPER PUMPED to welcome O.G. Hacker @dotMudge to Team @CISAgov to help advance #SecureByDesign!,” Easterly posted on X (formerly known as Twitter).
The former head of security at Twitter (now X) was called to testify last September by the US Senate Judiciary Committee about his 84-page whistleblower complaint against the company over its lax data security.
In the complaint, Zatko accused Twitter’s then-leadership of deliberately misleading the public about the platform’s “security, privacy, and integrity.”
Zatko had also charged the social messaging platform with fraudulently misleading stakeholders and turning a blind eye “to efforts by foreign governments to infiltrate, control, exploit, surveil, and censor the company’s staff, platform, and operations.”
The cybersecurity expert, who has also worked for Google, was fired by Musk in January.
Zatko – who goes by the nickname “Mudge” – is also known as one of the most renowned members of America’s first hacker think tank to testify on Capitol Hill about the vulnerable state of the US government’s computer systems back in 1988.
The internationally covered testimony of the Boston-based l0pht collective is considered the first known instance of responsible disclosure and the first time the US government publicly acknowledged “hackers” in a positive context.
“Mudge joins us in a part-time capacity to help us collaboratively shape a culture of security by design that is foundational to every security team, every C-suite, and every board room in the country,” Easterly said in a written statement, reported the Post.
The famed Mudge – additionally known as part of the 80s alternative hacktivist group the Cult of the Dead Cow – will step into his newly obtained expert role starting this week on a part-time basis.
The US government’s Secure by Design initiative puts the onus on manufacturers to build software security into all steps of their design processes by default – preceding development, configuration, and shipment of products, according to CISA.
Coinciding with Zatko’s appointment, CISA also announced a new Secure by Design program involving the K-12 education sector.
The program aims to collect commitment pledges from American educational software technology providers to design products with greater built-in security.
“We need to address K-12 cybersecurity issues at its foundation by ensuring schools and administrators have access to technology and software that is safe and secure right out of the box,” said Easterly.
So far, six manufacturers have signed the voluntary pledge: Classlink, Clever, D2L, GG4L, Instructure, and PowerSchool.