Yahoo’s Chief Information Security Officer Justin Somaini (pictured here) has left the company, according to sources.

It’s not clear why the top security risk exec has departed the Silicon Valley Internet giant. But, said sources, it could be partially related to the recent hacking issues around the newly refreshed Yahoo Mail, including its vulnerabilities to cross-site scripting, or XSS, attacks. This has been blamed for a surge in spam emanating from compromised email accounts, a problem that some security experts outside the company said Yahoo has been slow to fix.

Along with a number of execs, including Connections SVP Shashi Seth, addressing such issues were within Somaini’s purview. It’s not clear if Seth — who has also been the subject of persistent departures rumors internally over the last few months — will also be getting some of the blame for the embarrassing security problem in a key Yahoo product.

But sources also noted Somaini’s leaving is also part of a wider look at a range of higher level execs — top staff status is based on Levels, such as L3, L4, L5 — at Yahoo that is now taking place across the company by CEO Marissa Mayer.

Sources noted that Mayer is moving to replace a number of them as she seeks to remake the top ranks of the company, even as some are contemplating departure in the March time frame when their various and sundry stock options and other payouts are realized.

Somaini has a strong resume, coming to Yahoo in April of 2011 from Symantec, where he was also CISO. Previous to that, he worked as a director of information security at Verisign. He has a very lively cybersecurity blog too, which you can look at here.

I reached out to Yahoo for comment, but have not heard back as yet.

Categorised as: Chief Digital Officer | Digital Media | Feedster

Comments are disabled on this post