[jonknee]

On top of that the previous CIA director was undone by a Gmail account he shared with his mistress. You'd think email security would have come up during the onboarding process. The CIA is an intelligence agency, but its leaders are apparently just regular bureaucrats.

[codyb]

To be fair, being an accomplished member of an agency of foreign affairs, and being in any way competent with information security and being a US citizen in the notice of the highest echelons of our government is asking a lot from a small circle of potential candidates who are predominately far older than your tech savvy computer engineer.

And in most ways, leaving his e-mail to a provider which works with e-mail and has dealt with attacks before, is probably the most sensible thing to do.

And of course, I've read Legacy of Ashes and a few of Robert Baear's books (Beaer?) and understand being accomplished in the world of the CIA just avoiding political entanglement and not fucking up too badly, but whatever, the point stands ;-).

[Pyxl101]

The sensible thing to do is to leave his work email in his work account. That guidance should be email training 101 as well as common sense. You're not supposed to take classified government documents home with you, and you don't take government property home with you, and you don't send official work email to your random private email account.

[jonknee]

He has 24/7 instant access to very high quality opsec though, it doesn't matter that he's old. If he's too old to know any better he doesn't belong anywhere near classified material.