SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack

Former CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group – and have been hired by SolarWinds.

SolarWinds, which has been embroiled in a recent, widescale hack, has called in two security powerhouses for help: Former director of the Cybersecurity and Infrastructure Security Agency (CISA) Chris Krebs, and former Facebook security executive Alex Stamos.

Texas-based SolarWinds hired the duo as crisis-response consultants in the fallout of a cyberattack, discovered in December, in which the company’s network-management platform was targeted in a massive supply-chain hack. Several high-profile victims were affected – including the U.S. Department of Homeland Security (DHS), and the Treasury and Commerce departments.

Krebs is the former (and first) director of CISA, first appointed in 2018. In November, he was axed by the Trump administration in a move that drew public criticism from government officials and security experts alike.

Stamos, meanwhile, is the former Facebook CISO, and the founder of the Stanford Internet Observatory. Stamos over the past year has been tapped by other companies hit by various security scandals – including Zoom, after a COVID-19 surge in its user base led to Zoom-bombing cyberattacks and privacy concerns.

First reported by The Financial Times on Thursday, the two paired up to launch a cybersecurity consulting business, called the Krebs Stamos Group. According to the company’s website, the consulting team works with companies to help them understand the various security risks that they face, as well as their weaknesses, “and the role they play in the security of our wider society.” Threatpost has reached out to the Krebs Stamos Group for further comment.

“Our concept is simple: help businesses manage cybersecurity risk as business risk, making the internet a safer place in the meantime,” said Krebs on Twitter on Friday.

"News broke last night that I'm jumping into the next chapter of my career alongside @alexstamos. We've teamed up to form Our concept is simple: help businesses manage cybersecurity risk as business risk, making the Internet a safer place in the meantime."

Security experts, for their part, praised SolarWinds’ decision to tap the new firm, with security researcher Kevin Beaumont saying on Twitter: “This is a really smart hire.”