Facebook Restructures Its Security Teams

SAN FRANCISCO — Facebook has restructured some of its security teams in a move that displaces more than two dozen employees.

The changes, which took place last week, affected Facebook’s detection-engineering and alert-response teams, said three current and former employees, who spoke on condition of anonymity because they were not authorized to discuss workplace issues. The employees, whose duties included anticipating cyberattacks and preventing hackers from breaching the platform, were in Facebook’s offices in London, Seattle and Menlo Park, Calif.

Facebook has dissolved and dispersed its security group over the last two years, said the people. The latest cuts are part of a change in philosophy on security efforts, spurred by internal infighting and long-running issues within the department, they said.

Facebook has said it continues to invest heavily in security, and the restructuring was designed to update its methodology.

“To stay ahead of evolving security threats, we’re investing more in automated detection and bringing in new skills as we continue to grow our security team overall,” a company spokeswoman said in a statement. “This also means we are restructuring a portion of our team and helping the people affected by this change find other roles at Facebook.”

Facebook’s security efforts have increasingly come under scrutiny in the past few years. In 2016, Russians used the social network to sow divisive messages to sway voters in the American presidential election. In 2018, the company disclosed a security breach that left the accounts of tens of millions of people vulnerable.

Its security operations were previously housed together in one large group under Alex Stamos, the chief information security officer. After Mr. Stamos left Facebook in 2018, the security teams were reassigned and reported into different parts of the company, such as engineering and policy. Facebook has since eliminated the chief information security officer position.

Facebook is looking for new approaches to bolster security across its services, according to two of the people. That includes hiring software engineers to write programs that can carry out many of the security duties previously accomplished by humans, they said. Managers who supported an automated approach have said it will be easier to scale up over time, since training artificial intelligence to handle those duties will mean less reliance on people.

The company has posted job listings on its internal site and in LinkedIn posts for engineers to build out systems that respond to security threats. Those who were affected by the changes said it will be difficult to find another position at the company because of their specialized skills.

View original article here Source