By Roland Cloutier, TikTok Chief Information Security Officer
When people think of TikTok, two words come to mind: creativity and joy. My goal is to add safety to that list. As I wrote in April, TikTok has always been committed to protecting the privacy of our community, but security is a job that is never done. We must always strive to do better and evolve to overcome the next set of industry challenges.
With this in mind, my team of security experts and I are undertaking a broad review of TikTok's security infrastructure and practices. In the months since we began this review, we've created a Security Roadmap to help us build best-in-class security infrastructure, champion transparency and accountability, and partner with third-party experts and regulators to validate our progress. We are working on these focus areas simultaneously and will update you on our progress as we go along.
Build best-in-class security infrastructure
People are the foundation of any organization. We're focused on hiring the world's top security experts to lead our efforts, while also expanding our security teams who work out of Mountain View, California and Washington, D.C. Our goal is to hire an additional 100 security, data, and privacy protection experts in the U.S. by the end of the year.
We are creating a centralized global security function, headquartered out of the U.S. and internationally deployed across all markets we serve. This will ensure consistency, availability, and faster responses to emerging global issues and threats to our users and platform. We will also expand our response efforts in Europe, the Middle East and Asia to further supplement ongoing and future security initiatives. The key areas of focus will be cyber defense and user-data access assurance, digital crimes, insider threat, cyber-threat intelligence, and risk management.
Champion transparency and accountability
In March, we announced the opening of our Transparency Center in Los Angeles, California. I'm excited to share with you that we will also open a Transparency Center in Washington, D.C. Both of these centers will give lawmakers and experts the opportunity to look under the hood of TikTok and assess our security practices and infrastructure.
In addition, we will release a Transparency Report twice a year, providing more information on accounts that we have taken down for violations against our terms of service, unlawful acts, and issues that threaten the safety of users.
Partner with third-party experts and regulators to validate our progress
While we have worked very hard to build best-in-class security infrastructure, we know that it's not enough to build it. We have to test it, validate it and work with our partners to make sure we're addressing the entirety of the threat surface we face every day. We must challenge our own concepts on vulnerabilities and our ability to defend against them. To that end, have been working with leading global security firms to ensure we comply with globally recognized security control standards like ISO 27001, SOC2, and NIST CSF. In the coming months, we'll announce more partnerships with security experts and regulators to ensure our community can trust that their data and privacy are protected.
We'll continue to make improvements to our security program, and we'll update you every step of the way. In the meantime, if you have questions or concerns, please let us know. We're here for you.
Commentaires