Two people who left their last jobs amid brewing scandals have teamed up to rehabilitate the image of a company surely going through its worst days ever.
Former Cybersecurity and Infrastructure Security Agency Director Chris Krebs, unceremoniously fired by President Trump following the November elections, has founded a new company with Alex Stamos, the former head of Facebook’s security operations, who left the company amidst revelations about its involvement in the seedy Cambridge-Analytica scandal. Merely called the Krebs Stamos Group, the startup already has its first client: a little company called SolarWinds.
In yet another dastardly twist in the ongoing SolarWinds debacle, the U.S. Department of Justice announced Wednesday that hackers had accessed the inboxes of over 3,000 DOJ employee Microsoft email accounts.Read more
That’s right. The software firm at the middle of the biggest hack in American history has hired Krebs and Stamos as consultants to assist with rebuilding trust in their brand. Now ubiquitously known as the “SolarWinds hack,” the apparently Russian-in-origin cyber intrusion scandal has engulfed the public and private sectors alike and only continues to grow. Some 18,000 entities are thought to have been affected by it, and the extent to which the likely state-backed hackers were able to gather intelligence via their operations is still unclear.
“Armed with what we have learned of this attack, we are also reflecting on our own security practices and seeking opportunities to enhance our posture and policies,” a SolarWinds spokesperson told Bloomberg News. “We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review and provide best-in-class guidance on our journey to evolve into an industry leading secure software development company.”
The hiring of Krebs and Stamos is an interesting move — considering they, like SolarWinds, have significant professional reputations that, nonetheless, have been forced to weather various large IT scandals.
Previously, Krebs served as the director of the CISA, one of the most prominent cyber positions within the federal government. Trump fired Krebs after he refused to back up the president’s false claims about a “rigged election” and voter fraud. While Krebs is said to have assisted with presiding over the “most secure election” ever, he also served at CISA while the SolarWinds hackers were apparently worming their way into every federal agency imaginable — not a spectacular thing to have on your resume.
Stamos, meanwhile, previously worked as a security executive at Yahoo at a time when Russian hackers compromised approximately 500 million Yahoo user accounts. He joined Facebook in 2015 as its chief security officer but very publicly departed from the company three years later when it became embroiled in the Cambridge-Analytica scandal. Stamos had advocated for “more disclosure around Russian interference of the platform and some restructuring to better address the issues,” but was met with resistance by company leadership, the New York Times reported at the time.
Krebs announced the news of his and Stamos’ new gig via Twitter on Friday morning.
News broke last night that I'm jumping into the next chapter of my career alongside @alexstamos. We've teamed up to form https://t.co/pystaH2Ug9. Our concept is simple: help businesses manage cybersecurity risk as business risk, making the Internet a safer place in the meantime.
— Chris Krebs (@C_C_Krebs) January 8, 2021
While it’s unclear so far what kind of services exactly the Krebs Stamos Group will be offering (or who, if any, their other clients are), the duo’s website currently talks about providing their customers with understanding about “the threats they face” and “the weaknesses in their posture” while also providing them with “clear-eyed, candid and experienced advice on critical, long-lasting decisions in moments of extreme crisis.” Certainly, Stamos and Krebs have experience with that.