Microsoft Appoints New CISO as Part of 'New Focus'
The move comes amid increasing pressure on CISOs.
Microsoft has appointed a new CISO to “evolve and adapt” its approach to cybersecurity.
Bret Arsenault, who has served as Microsoft’s CISO for the past 14 years, will move to a new role as chief security advisor. Igor Tsyganskiy will take over as Microsoft's new CISO effective Jan. 1.
Charlie Bell, Microsoft’s executive vice president of security, announced the changes in a LinkedIn post.
“Security is more important than ever for our customers, partners and Microsoft,” he said. “So much of the world depends on Microsoft for its digital safety and we need look no further than the news headlines to know we live in a rapidly evolving threat landscape, one that is highly demanding and drives us to continually innovate and deliver. Navigating all this requires a tremendous amount of leadership know-how and experience – I’m lucky to work with a group of leaders at Microsoft that work every day to make the world a safer place.”
New CISO Part of 'New Focus'
As Microsoft recently shared in its Secure Future Initiative memo, the speed, sophistication and scale of cyberattacks is accelerating, Bell said. This requires a new focus.
In his new role, Arsenault will focus on “escalating our impact across the entire ecosystem: Microsoft, partners, customers, government agencies and important communities,” he said.
“[Arsenault has] been instrumental in establishing a strong security culture, building a world-class security organization, driving our zero trust strategy, and leading work across the industry,” Bell said. “Bret is one of the most respected global security leaders on the planet. He’s also been a trusted advisor and mentor to so many at Microsoft, including me. I’m incredibly grateful for his contributions and his friendship, and for his continued dedication to our mission-driven business.”
Microsoft's Igor Tsyganskiy Courtesy: AWS/YouTube
This is Tsyganskiy’s first time serving as CISO. He joined Microsoft four months ago as chief strategy officer for security. He previously was head of investment technologies at Bridgewater Associates. He’s also held prior roles with Salesforce, WideOrbit and SAP Labs.
Tsyganskiy is a technologist and “dynamic leader with a storied career in high-scale/high-security, demanding environments," Bell said.
"He brings deep knowledge and experience from his previous role outside of Microsoft and I look forward to continuing to collaborate with him on this important work, " Bell said.
Increasing Pressure on CISOs
The move comes amid increasing pressure on CISOs due to increasing regulation, litigation and cyberattacks. In October, the U.S. Securities and Exchange Commission (SEC) charged SolarWinds and its CISO, Timothy G. Brown, with fraud and internal control failures in connection with the massive breach disclosed in late 2020.
In addition, Microsoft has faced cybersecurity challenges. For example, a Microsoft engineer’s compromised corporate account allowed a China-based threat actor to gain access to email accounts as early as 2021 to spy on the U.S. State and Commerce departments, and other U.S. government agencies.
Claude Mandy, chief evangelist of data security at Symmetry Systems, said replacing a Microsoft and cybersecurity industry veteran with an outside candidate, one with no direct CISO experience, but an extensive amount of both product and technology experience, could be seen as a “bold move” by outsiders. This could be especially true at a time where “we are seeing increasing pressure on CISOs amidst increasing cyberattacks around the world.”
"It is perhaps indicative of the desire by Microsoft to build better security products, along with the security of Microsoft, more broadly,” he said.
About the Author
You May Also Like