On stage at the D11 conference in California, Twitter CEO Dick Costolo took a question about the service's high-profile security problems, saying that the company takes the matter "super seriously," and that Twitter has "responsibility for high-authority accounts."

Twitter rolled out two-step authentication for accounts beginning on May 22nd — a long-awaited feature following a particularly nasty spell of hacks of organizations including the Associated Press, AFP, and The Guardian — but Costolo said today that the measure isn't enough. "We launched two factor authentication," Costolo said, "but two factor wouldn't stop some of these attacks. We've got a bunch of security people on it, and we're investing money."

Costolo acknowledged the fact that Twitter was late in the game introducing additional verification measures, saying that "we haven't moved as fast as we need to, and we'll work on it." Costolo didn't say what the additional security measures might entail, or when additional improvements can be expected, but it's clear the company knows that further action is necessary.

Update: In a comment made on Twitter following the D11 event, Twitter CEO Dick Costolo clarified that his company has "a responsibility to help media companies protect themselves from getting hacked."