Apple has hired a software security expert to head up its growing internal security group. The company has hired David Rice, a former National Security Agency analyst and consultant on security issues, according to reports.
Rice is currently the director of policy reform at the U.S. Cyber Consequences Unit, a technology policy think tank in California. He’s also a member of the faculty at IANS and a consultant at The Monterey Group, but he’s widely known in the security industry for his book, “Geekonomics,” which discusses the need for a more secure software infrastructure.
The position that Rice will take at Apple is global director of security, according to a report by The Wall Street Journal. Although Rice has been focused on software security in the past, the role at Apple sounds like more of an externally-focused one than one looking inward at the quality and security of Apple’s own software.
Rice’s hire is the latest in a series of high-profile personnel moves in the security realm for Apple. One of the first moves Apple made in its attempt to shore up the security of its software was to hire Window Snyder, a former Microsoft and Mozilla security official, who joined Apple in March 2010. Snyder was deeply involved in Microsoft’s threat-modeling effort and brought that concept to Mozilla during her tenure there, as well.
Apple also has brought in Jon Callas, one of the more respected and well-known cryptographers in the industry and the founder and former CTO of PGP Corp. And Apple also has hired Ivan Krstic, an open source and infrastructure security expert, who formerly ran security for the One Laptop Per Child project from MIT.
Apple has come under criticism from some users and security experts for a perceived lack of focus on software security, especially as compared to Microsoft, which has been very vocal and public about the moves it makes with its Trustworthy Computing effort and other initiatives. But Apple is far more reluctant to speak about its internal machinations than Microsoft–or virtually any technology company–is, so many of its moves go essentially unnoticed. However, as Apple’s computers and devices–particularly the iPhone and Mac–have become more popular with business users, the security of the company’s software has become more of a focus for researchers.
