Yahoo taps TrustyCon co-founder Alex Stamos for chief information security officer

The current CIO of security firm Artemis and co-founder of the rebellious counter-conference TrustyCon will be Yahoo's first CISO in more than a year.

Nick Statt
Nick Statt Former Staff Reporter / News
Nick Statt was a staff reporter for CNET News covering Microsoft, gaming, and technology you sometimes wear. He previously wrote for ReadWrite, was a news associate at the social-news app Flipboard, and his work has appeared in Popular Science and Newsweek. When not complaining about Bay Area bagel quality, he can be found spending a questionable amount of time contemplating his relationship with video games.
2 min read
TrustyCon co-organizer and host Alex Stamos encourages attendees to rethink how to build trustworthy computing systems, at San Francisco's AMC Metreon theater on Thursday, February 27, 2014. Seth Rosenblatt/CNET

Yahoo has named Alex Stamos, current chief technology officer for security firm Artemis and co-founder of TrustyCon, as its next chief information security officer, Recode's Arik Hesseldahl is reporting based on sources familiar with the matter.

The company's last CISO, Justin Somaini, left Yahoo more than a year ago. Stamos, a well-known member of the industry and frequent face on the stage of prominent security conferences, will be filling the role starting March 10 and reporting directly to CEO Marissa Mayer. His position at Artemis remains unclear at this time.

On February 27, Stamos and a group of fellow security industry leaders held a counter-conference in San Francisco to protest the RSA Conference taking place there this week. TrustyCon -- for the Trustworthy Technology Conference -- was aimed at rebelling against RSA's involvement with the National Security Agency, which was first revealed by Reuters last year.

The event, which organizers say must continue as the privacy issues encapsulating the security industry evolve, featured numerous speakers who withdrew from the RSA Conference in protest. It focused mainly on discussions of building trust, both in the industry and in the relationships companies and government have with the public.

Yahoo's re-energized push for security involvement at the executive level comes at a dire time for the Web giant's reliability reputation. A far-reaching ad-related malware attack first reported last month put 2 million PCs and Yahoo users' personal data at risk, and Yahoo has been going to great lengths of late to match the security efforts of competitors like Google by sending searches on its home page and other outbound traffic from its services through secure servers.

But perhaps most relevant to Yahoo's new appointment is the startling news from yesterday, revealed in documents from Edward Snowden, that the GCHQ, with help from the NSA, intercepted and stored images of millions of users of Yahoo's Webcam chats without the technical ability to differentiate between US and UK citizens and with no legal restrictions barring that collection of foreign Webcam images. Yahoo, speaking to The Guardian, called Optic Nerve, as the program was code-named, "a whole new level of violation of our users' privacy."