Alex Stamos

Stamos grew up in Fair Oaks, California and graduated from Bella Vista High School in 1997. Stamos attended the University of California, Berkeley, where he graduated in 2001 with a degree in EECS.^[4]

Stamos began his career at Loudcloud and, later, as a security consultant at @stake.^[5]

iSEC Partners

In 2004, Stamos co-founded iSEC Partners, a security consulting firm, with Joel Wallenstrom, Himanshu Dwivedi, Jesse Burns and Scott Stender. During his time at iSEC Partners, Stamos was well known for his research publications on vulnerabilities in forensics software^[6] and MacOS,^[7] Operation Aurora,^[8] and security ethics in the post-Snowden era.^[9]

Stamos was an expert witness for a number of cases involving digital privacy, encryption, and free speech:

• EFF for their lawsuit against Sony BMG^[10]
• Google for their Google Street View case^[11]
• George Hotz^[12]
• Aaron Swartz^[13]

iSEC Partners was acquired by NCC Group in 2010.^[14]

Artemis Internet

Following the acquisition of iSEC Partners by NCC Group, Stamos became the CTO of Artemis Internet, an internal startup at NCC Group. Artemis Internet petitioned ICANN to host a '.secure' gTLD on which all services would be required to meet minimum security standards^[15] Artemis ultimately acquired the right to operate the '.trust' gTLD from Deutsche Post to launch its services.^[16]

Stamos filed and received five patents for his work at Artemis Internet.^[17]

Yahoo!

In 2014, Stamos joined Yahoo! as CSO.^[18] While at Yahoo!, he testified to Congress on online advertising and its impact on computer security and data privacy.^[19] He publicly challenged NSA Director Michael S. Rogers on the subject of encryption backdoors in February 2015 at a cybersecurity conference hosted by New America.^[20][21]

Facebook

In 2015, Stamos joined Facebook as CSO. During his time at Facebook, Stamos co-authored a whitepaper (with Jen Weedon and Will Nuland) on the use of social media to attack elections.^[22] He later delivered a keynote address at the Black Hat Briefings in 2017 on the need to broaden the definition of security and diversify the cybersecurity industry.^[23]

In reviewing the ads buys, we have found approximately $100,000 in ad spending from June of 2015 to May of 2017 — associated with roughly 3,000 ads — that was connected to about 470 inauthentic accounts and Pages in violation of our policies. Our analysis suggests these accounts and Pages were affiliated with one another and likely operated out of Russia.

— Alex Stamos, September 6, 2017, ^[24]

Following disagreement with other executives about how to address the Russian government's use of its platform to spread disinformation during the 2016 U.S. presidential election, he made plans in 2018 to leave the company^[3] to take a research professorship at Stanford University.^[25]

Stamos was interviewed about the Russian interference in the 2016 United States elections in the PBS Frontline documentary The Facebook Dilemma.^[26][27]

Controversies

During Stamos's tenure as the Chief Security Officer, Facebook was involved in numerous safety and security controversies including the Russian interference in the 2016 United States elections, failure to remove reported child-abuse images,^[28] inaction against disinformation campaigns in Philippines that targeted and harassed journalists,^[29][30]Facebook–Cambridge Analytica data scandal and the Rohingya genocide, for which the company has played a "determining role" according to the UN.^[31]Stamos said, as the CSO during the 2016 election season he "deserve as much blame (or more) as any other exec at the company," for Facebook's failed response to the Russian interference.^[32]Although the whitepaper Stamos coauthored^[22]only mentioned $100,000 ad spend for 3,000 ads connected to about 470 inauthentic accounts, it was later revealed thatthe Russian influence had reached 126 million Facebook users.^[33]While Cambridge Analytica harvested data from 87 million Facebook users before Stamos's tenure, Facebook did not notify its users until 2018, despite knowing about it as early as 2015, the year Stamos joined the company as the CSO.^[34] In July 2019, Facebook agreed to pay $100 million to settle with the U.S. Securities and Exchange Commissionfor misleading investors for more than two years (2015-2018) about the misuse of its users' data.^[35]

Stanford University

As of August 2019^[update], Stanford University's Center for International Security and Cooperation lists Stamos as an adjunct professor, visiting scholar at the Hoover Institution, and director of the Stanford Internet Observatory.^[2][36]

Krebs Stamos Group

At the beginning of 2021, Stamos joined former CISA director Chris Krebs to form Krebs Stamos Group, a cybersecurity consultancy, which quickly landed its first customer, the recently-beleaguered SolarWinds.^[37][38][39]

Patents

• U.S. patent 9083727B1 Securing client connections, filed April 11, 2012, granted July 14, 2015
• U.S. patent 8799482B1 Domain policy specification and enforcement, filed April 11, 2012, granted August 5, 2014
• U.S. patent 9106661B1 Computing resource policy regime specification and verification, filed May 9, 2014, granted August 11, 2014
• U.S. patent 8990392B1 Assessing a computing resource for compliance with a computing resource policy regime specification, filed May 9, 2014, granted March 24, 2015
• U.S. patent 9264395B1 Discovery engine, filed May 9, 2014, granted February 16, 2016

External links

• Alex Stamos on Mastodon
• Krebs Stamos Group official web site