Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

China’s TikTok Lures ADP Security Chief to Become New CISO

Roland Cloutier Named CISO at TikTokADP Security Chief Roland Cloutier Departs to Become Chief Information Security Officer (CISO) at China-owned TikTok

Roland Cloutier Named CISO at TikTokADP Security Chief Roland Cloutier Departs to Become Chief Information Security Officer (CISO) at China-owned TikTok

TikTok, the controversial and wildly popular social video app maker, announced on Thursday that Roland Cloutier will join the company as Chief Information Security Officer (CISO). 

TikTok is owned by Beijing-based startup Bytedance, and has been under fire and accused of being vulnerable to spying by the Chinese government.

Cloutier joins TikTok from ADP where he served as SVP and Chief Security Officer, overseeing the company’s cyber, information protection, risk, workforce protection, crisis management, and investigative security operations worldwide. 

As CSO at ADP, Cloutier was responsible for leading security initiatives for a company holding some of the most sensitive data for American and global companies. He also spent more than a decade serving the United States Air Force, Department of Defense and Department of Veterans Affairs. 

ADP is the largest payroll processing company in the United States and provides other business process outsourcing solutions for its customer base of more than 740,000 clients in across more than 140 countries. 

Cloutier now will be tasked with protecting a social platform and mobile app ecosystem used by hundreds of millions of users creating and sharing short-form videos. 

“Roland will work with a global team, but the Mountain View office is where we have largely focused on building out our security team, which he will lead,” a TikTok spokesperson told SecurityWeek.

While Cloutier may be able to help the company secure its platform and mobile applications, the company will still face challenges in maintaining trust, especially for users in the government and business sectors.

In October 2019, two senators warned that Chinese law could compel the company “to support and cooperate with intelligence work controlled by the Chinese Communist Party.” TikTok — separate to the Chinese version of the software — is now headquartered in Los Angeles, and denies this. “We have never been asked by the Chinese government to remove any content and we would not do so if asked. Period,” it previously said.

News of Cloutier’s appointment comes just one day after US officials issued additional warnings about the potential security risks of using TikTok and calls to ban the app from being used on government devices.

In December 2019, a student in California filed a class-action lawsuit against TikTok, which accused the company of harvesting large amounts of user data and storing it on servers in China.

According to Samm Sacks, a cybersecurity fellow at the New America Foundation specializing in China, the Chinese government could “essentially require anything that they want of these companies.” 

Even with concerns of the Chinese government put aside, researchers have found several security issues with the TikTok app itself. In January, researchers from Check Point disclosed multiple vulnerabilities in the app that could easily be exploited. These could lead to an attacker uploading false videos and deleting genuine videos, changing video status from private to public, and extracting sensitive personal data, such as users’ full names, email addresses and birthdays.

Despite the challenges facing the China-owned company, Cloutier says he is excited about the new role.

“There has never been a more exciting or challenging time to serve in the security field,” Cloutier said in a prepared statement. “I am looking forward to working with my new colleagues at TikTok to develop the solutions required to protect our hundreds of millions of users and creators around the world.”

Reporting to company head Alex Zhu, Cloutier will start in the position in early April.

TikTok is not the only Chinese company luring high profile security talent from American companies and government organizations. Andy Purdy, who previously served as a senior cybersecurity official for the U.S. Government, was hired in 2012 by controversial Chinese telco equipment maker Huawei to serve as Chief Security Officer for its U.S. division.

ADP has made an internal staff move to fill Cloutier’s position. 

According to an ADP spokesperson, Dave Martin, Vice President, Threat and Incident Management, has assumed the role of Chief Security Officer at ADP, effective immediately. “Mr. Martin is an industry-recognized and respected thought leader, with a proven ability to build and lead large global security teams and programs,” the spokesperson told SecurityWeek.

*Updated with information from ADP

Related: Army’s Use of TikTok App Raises Concerns on Capitol Hill

Related: China-Made TikTok App Riddled With Security Holes: Researchers

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

SecurityWeek speaks with two leading CISOs in the aviation industry – Mitch Cyrus of Honda Aircraft, and Mark Ferguson of Bombardier.