The Public Eye with Eric Chabrow

LinkedIn: We Have a 'Security Czar'

Company Says India Technology Center Head Oversees IT Security Eric Chabrow (GovInfoSecurity) • June 15, 2012    
LinkedIn: We Have a 'Security Czar'

LinkedIn contends it had on staff world-class security experts when nearly 6.5 million members' hashed passwords were pilfered, although the social media company has neither a chief information officer nor chief information security officer [see LinkedIn Has Neither CIO Nor CISO].

See Also: Keeping Your Side of the Street Clean: 5 Cyber-Hygiene Facts You Wish You Knew Earlier

LinkedIn, in a statement posted on its website, says its security team includes former Yahoo CISO Ganesh Krishan, who LinkedIn describes as the company's "security czar." According to Krishan's LinkedIn profile, he heads the company's India Technology Center, and reports to Senior Vice President for Operations David Henke. Among the expertise Krishan profile states he has includes building security infrastructure at scale, security operations, Web security, information security, fraud analysis and mitigation and risk management, all key skills of a CISO.

LinkedIn disclosed Krishan's role at the company nearly a week after the breach was unveiled. Shortly after the breach, in an e-mail exchange I had with LinkedIn's public relations staff, representatives initially said the social media company had neither a CIO nor CISO but that Henke and Kevin Scott, senior vice president of engineering, were responsible for IT security. Hours later, I received another message saying only Henke was in charge of security. LinkedIn's PR staff made no mention of Krishan as its IT security chief.

In its statement, the social media company said:

"LinkedIn historically has limited C-level titles only to its chief executive officer and chief financial officer, so while Krishnan does not formally have the title of chief information security officer, that is the role he has played at the company since his hiring in 2010."
Do titles matter? Not really, but responsibilities do, as well as focus. Arguments have been made that Henke is in charge of operations, and for a social media company, that's like being a CIO. Perhaps so. Similarly, much of Krishnan's background involves security. Yet Krishan, as head of LinkedIn's India Technology Center, helps oversee product development, according to his profile.

True, products need to be secured, and Krishan's expertise should help LinkedIn do just that. But that's not the same as being focused on information security for the entire social media company as his sole responsibility.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Threat Modeling Essentials for Generative AI in Healthcare
Threat Modeling Essentials for Generative AI in Healthcare
Why OT Security Keeps Some Healthcare Leaders Up at Night
Why OT Security Keeps Some Healthcare Leaders Up at Night
Why Entities Should Review Their Online Tracker Use ASAP
Why Entities Should Review Their Online Tracker Use ASAP
Addressing Security Gaps and Risks Post-M&A in Healthcare
Addressing Security Gaps and Risks Post-M&A in Healthcare
Generative AI: Embrace It, But Put Up Guardrails
Generative AI: Embrace It, But Put Up Guardrails
Zero Trust, Auditability and Identity Governance
Zero Trust, Auditability and Identity Governance
Critical Considerations for Generative AI Use in Healthcare
Critical Considerations for Generative AI Use in Healthcare
The State of Security Leadership
The State of Security Leadership
Inside Look: FDA's Cyber Review Process for Medical Devices
Inside Look: FDA's Cyber Review Process for Medical Devices
Why Connected Devices Are Such a Risk to Outpatient Care
Why Connected Devices Are Such a Risk to Outpatient Care

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.