Microsoft Hires New CISO in Major Security Shakeup

Microsoft security boss Charlie Bell has quietly executed a major shakeup of the software giant's security hierarchy, removing the CISO and Deputy CISO and handing the reins to Igor Tsyganskiy, a recent hire who previously served as CTO and President at asset management giant Bridgewater Associates.
Tsyganskiy, who joined Redmond just four months ago, will take over the CISO responsibilities from Bret Arsenault and help guide the company through its new 'Secure Future Initiative' that promises faster cloud patches, better management of identity signing keys and a commitment to ship software with a higher default security bar.
Arsenault, who held the CISO title at Microsoft for 14 years, has been reassigned to a security advisory role.
His deputy, Aanchal Gupta, was also removed and will exit Microsoft's security organization.
Tsyganskiy spent seven years at Bridgewater, managing the tech stack for the world's largest hedge fund and is credited with overhauling the firm's trading and back-office system.
Prior to Bridgewater, Tsyganskiy did stints as SVP of product management at Salesforce and SVP Engineering at WideOrbit.
The changes come as Microsoft scrambles to contain the fallout from a spate of embarrassing hacks, zero-day exposures and patching problems on its flagship OS and cloud computing platforms.
The M365 hack, caused by a mismanagement of signing keys, is being investigated by the Department of Homeland Security's Cyber Safety Review Board.
Bell, who spent 23 years at Amazon before joining Microsoft in 2021 to lead the entire security organization, is betting on the promise of AI to help Microsoft with its cybersecurity problems.
The company plans to use AI to help automate threat modeling and adopt memory safe languages like Rust to build security at the language level and eliminate entire classes of traditional software vulnerabilities.
Microsoft has faced intense criticism for its approach to third-party vulnerability research of its cloud products and continues to struggle with faulty and incomplete patches and a surge in Windows zero-day attacks.
The company recently announced plans to expand logging defaults for lower-tier M365 customers and increase the duration of retention for threat-hunting data.


This Cyber News was published on www.securityweek.com. Publication date: Wed, 06 Dec 2023 17:43:10 +0000


Cyber News related to Microsoft Hires New CISO in Major Security Shakeup

CISO Conversations: Nick McKenzie and Chris Evans - In this edition of CISO Conversations, SecurityWeek discusses the role of the CISO with two CISOs from the major crowdsourced hacking organizations: Nick McKenzie at Bugcrowd and Chris Evans at HackerOne. The purpose, as always, is to help aspiring ...
6 months ago Packetstormsecurity.com
The Role of the CISO in Digital Transformation - Modern-day demands require organizations to be flexible and digitally savvy, getting work done remotely and in the public cloud as often as in a centralized physical location, if not more so. As companies continue to modernize their workflows and ...
10 months ago Darkreading.com
Microsoft Hires New CISO in Major Security Shakeup - Microsoft security boss Charlie Bell has quietly executed a major shakeup of the software giant's security hierarchy, removing the CISO and Deputy CISO and handing the reins to Igor Tsyganskiy, a recent hire who previously served as CTO and President ...
10 months ago Securityweek.com
Appointments of New Chief Information Security Officers in the United States in January 2023 - Corporate security is undergoing a lot of changes as businesses attempt to keep up with the ever-changing threat landscape. To ensure the safety of both employees and customers, many companies are now hiring a Chief Security Officer or Chief ...
1 year ago Csoonline.com
Microsoft Is Getting a New 'Outsider' CISO - In a Tuesday blog post, Microsoft executive vice president of security Charlie Bell announced that as part of its new strategic focus on security, the company will shift Bret Arsenault out of his longtime role as CISO and into a chief security ...
10 months ago Darkreading.com
Microsoft Is Getting a New 'Outsider' CISO - In a blog post on Dec. 5, Microsoft executive vice president of security Charlie Bell announced that as part of its new strategic focus on security, the company will shift Bret Arsenault out of his longtime role as CISO and into a chief security ...
10 months ago Darkreading.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
10 months ago Microsoft.com
Definition from TechTarget - The CISO is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external ...
9 months ago Techtarget.com
How the Evolving Role of the CISO Impacts Cybersecurity Startups - It helps startups striving to meet the ever-evolving needs of CISOs, who are simultaneously seeking the elusive but paramount buy-in from business users and executives. The CISO role has evolved dramatically in the past few years in response to ...
10 months ago Darkreading.com
Is the vCISO model right for your business? - It's getting harder to justify not having a CISO, so many businesses that have never had a CISO are filling the gap with a virtual CISO. A vCISO, sometimes referred to as a fractional CISO or CISO-as-a-Service, is typically a part-time outsourced ...
9 months ago Darkreading.com
Cybersecurity is a Team Sport - Good security hygiene needs to be a fundamental part of company culture, and leadership should make it clear that proper security practices are part of achieving business objectives. Infusing security and operational resilience throughout the ...
10 months ago Darkreading.com
The New CISO: Rethinking the Role - Dating back to the 1990s, the role of CISO was more technical and IT-focused. CISOs face more risks than can be resolved, are expected to balance security with operational capability, and must convince leaders to invest in protection. Today, CISOs ...
6 months ago Darkreading.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
10 months ago Microsoft.com
Why CISOs and CIOs Should Work Together More Closely - Although there are overlaps in the goals and responsibilities of the CIO and the CISO, there are also challenges that get in the way of a more cohesive relationship, including reporting lines, organizational structures, budgets, and risk appetites. A ...
9 months ago Feedpress.me
Embracing the Virtual: The Rise and Role of vCISOs in Modern Businesses - In recent years, the task of safeguarding businesses against cyber threats and ensuring compliance with security standards has become increasingly challenging. Unlike larger corporations that typically employ Chief Information Security Officers for ...
9 months ago Cysecurity.news
Fewer cybersecurity professionals losing their jobs in breach 'blame' game - Cybersecurity job loss after a major incident is becoming less likely as organizations drop the "Blame" game for more practical approaches to breach prevention, a survey of 500 CISOs shows. More than 95% of CISOs reported their teams received greater ...
10 months ago Scmagazine.com
CISO Corner: Gen Z Challenges, CISO Liability & Cathay Pacific Case Study - Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. Post-SolarWinds, it's no longer enough for chief information security officers to remain compliant and call it ...
8 months ago Darkreading.com
​​Microsoft named as a Leader in three IDC MarketScapes for Modern Endpoint Security 2024 - With these security concerns top of mind, there is no surprise that in the last five years, the Modern Endpoint Security market has nearly tripled in size to defend against emerging, sophisticated, and persistent threats. Microsoft Defender for ...
6 months ago Techcommunity.microsoft.com
Liability Fears Damaging CISO Role, Says Former Uber CISO - The gorwing trend of finding CISOs personally liable for security failings is making security professionals more reluctant to take up these positions. Sullivan was convicted in 2022 of federal charges relating to the cover up of the theft of Uber ...
10 months ago Infosecurity-magazine.com
Generative AI Takes on SIEM - With more vendors adding support for generative AI to their platforms and products, life for security analysts seems to be getting deceptively easier. While adding generative AI capabilities to security information and event management is still in ...
10 months ago Darkreading.com
The Shift in Power from CIO to CISO: The Rise in Cyber Attacks Enables Greater Resources and Budget Allocation - Often when we talk about the impact of these cyber threats, we inevitably focus on the wallet as well as how they can tarnish a business's reputation. As a result, we are witnessing the beginnings of a shift in power from the CIO to the Chief ...
10 months ago Cybersecurity-insiders.com
The Shift in Power from CIO to CISO: The Rise in Cyber Attacks Enables Greater Resources and Budget Allocation - Often when we talk about the impact of these cyber threats, we inevitably focus on the wallet as well as how they can tarnish a business's reputation. As a result, we are witnessing the beginnings of a shift in power from the CIO to the Chief ...
10 months ago Cybersecurity-insiders.com
The Shift in Power from CIO to CISO: The Rise in Cyber Attacks Enables Greater Resources and Budget Allocation - Often when we talk about the impact of these cyber threats, we inevitably focus on the wallet as well as how they can tarnish a business's reputation. As a result, we are witnessing the beginnings of a shift in power from the CIO to the Chief ...
10 months ago Cybersecurity-insiders.com
The Shift in Power from CIO to CISO: The Rise in Cyber Attacks Enables Greater Resources and Budget Allocation - Often when we talk about the impact of these cyber threats, we inevitably focus on the wallet as well as how they can tarnish a business's reputation. As a result, we are witnessing the beginnings of a shift in power from the CIO to the Chief ...
10 months ago Cybersecurity-insiders.com
The Shift in Power from CIO to CISO: The Rise in Cyber Attacks Enables Greater Resources and Budget Allocation - Often when we talk about the impact of these cyber threats, we inevitably focus on the wallet as well as how they can tarnish a business's reputation. As a result, we are witnessing the beginnings of a shift in power from the CIO to the Chief ...
10 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)