DNC hires first ever CSO ahead of 2018 midterms
The Democratic National Committee has named Bob Lord as its new chief security officer, hiring the former Yahoo CISO to lead the committee’s cybersecurity operations heading into the 2018 midterm elections.
The committee said Lord will work with the organization’s own internal security team as well as in the field to support state parties, including efforts to update their “information security strategies” and improve practices to “change the economics” for attackers. The hire was announced Thursday through a statement released by the DNC.
“I’m confident Bob’s skills and hard work will help protect us against the sort of cyberattacks and intrusions that are unfortunately all too common in today’s age,” DNC Chair Tom Perez said in a release. “Defense is an essential part of any game plan, and I couldn’t be happier with Bob holding the line for the DNC.”
The DNC has never employed a CSO before. But the hire appears pragmatic given the 2016 campaign cycle, which saw multiple democratic political campaigns penetrated by Russian hackers believed to be aligned with the Russian government.
Lord’s arrival at the DNC comes after a career filled with stops at high-profile tech companies, including Twitter, Rapid7, Red Hat and America Online.
DNC Chief Technological Officer Raffi Krikorian, who previously worked alongside Lord while at Twitter, told Wired magazine that he valued the former Yahoo CISO’s experience responding to attacks launched by nation-state-caliber hackers.
“There are very few people in the world who actually found foreign actors in their system and did something about it,” Krikorian told Wired.
While at Yahoo, Lord led the company’s security operations during the aftermath of two data breaches that allowed for hackers to repeatedly compromise millions of user accounts. Those breaches predated Lord’s time at Yahoo, but he nonetheless was tasked with remediating the damages and rebuilding Yahoo’s core security infrastructure.
Investigators announced last year that a 2014 data breach at Yahoo was perpetrated by a team of Russian intelligence officers in tandem with contracted digital mercenaries.