Skip to main content

Facebook’s security chief is leaving, and no one’s going to replace him

Facebook’s security chief is leaving, and no one’s going to replace him

Share this story

Illustration by Alex Castro / The Verge

Facebook’s chief security officer, Alex Stamos, said today that he’ll be leaving the company later this month. The announcement comes just a day after Facebook — and to a large extent, Stamos — revealed that Facebook had discovered malicious actors who continue to use the platform to manipulate political discussions and organizing in the United States.

Stamos won’t be replaced after he leaves, meaning no one will hold the title of “chief security officer” at Facebook. All eyes are trained on the company to see how it will deal with major security concerns, including the use of fake accounts to manipulate politics and the Cambridge Analytica data scandal.

Instead of building out a dedicated security team, Facebook has dissolved it and is instead embedding security engineers within its other divisions. “We are not naming a new CSO, since earlier this year we embedded our security engineers, analysts, investigators, and other specialists in our product and engineering teams to better address the emerging security threats we face,” a Facebook spokesman said in an email. Facebook will “continue to evaluate what kind of structure works best” to protect users’ security, he said.

“We expect to be judged on what we do ... not whether we have someone with a certain title.”

Stamos’ departure still seems to be a big loss, even apart from the symbolic title. Stamos was known for being one of the few executives at Facebook willing to engage with people outside the company about the service’s ongoing problems. He frequently interacted with reporters on Twitter about security issues, often in unusually candid terms.

Facebook hired Stamos in 2015. He had worked at Yahoo in a similar role before then, but resigned after discovering that the company had built a system to scan emails for the US government, according to Reuters.

Stamos’ last day will be on August 17th. He’ll be teaching and conducting research at Stanford after that. In a statement, Facebook COO Sheryl Sandberg said the company “look[s] forward to collaborating with him in his new role.” Stamos’ departure had been decided on last year, according to a New York Times report from March, but Facebook reportedly wanted to keep him on until August.

Facebook is clearly aware that losing its chief security officer and dissolving its dedicated security team, in the middle of all that’s going on, is not a great look. So many of the company’s statements today are clearly designed to address obvious concerns that arise.

“We expect to be judged on what we do to protect people’s security, not whether we have someone with a certain title,” a spokesperson said. In another statement, Facebook said it is “investing heavily in security to address new types of threats” and that its new security structure has “helped us do more to keep people safe.”