Microsoft Appoints New CISO in Igor Tsyganskiyor in Major Security Shakeup

Microsoft hires Igor Tsyganskiy, as CISO who who previously served as CTO and President at asset management giant Bridgewater Associates. 

Tsyganskiy, who joined Redmond just four months ago, will take over the CISO responsibilities from Bret Arsenault and help guide the company through a new “Secure Future Imitative” that promises faster cloud patches, better management of identity signing keys and a commitment to ship software with a higher default security bar.

Bell described Tsyganskiy as “a technologist and dynamic leader with a storied career in high-scale/high-security, demanding environments,” noting that he brings “deep knowledge and experience from his previous role outside of Microsoft” in a LinkedIn post.

Tsyganskiy spent 7 years at Bridgewater, managing the tech stack for the world’s largest hedge fund and is credited with overhauling the firm’s trading and back-office system.  Prior to Bridgewater, Tsyganskiy did stints as SVP of product management at Salesforce and SVP Engineering at WideOrbit.

The company made the changes  as the company tries to pick up from spate of embarrassing hacks, zero-day exposures and patching problems on its flagship OS and cloud computing platforms.

Earlier this year, Chinese government-backed hackers broke into Microsoft’s M365 cloud platform and stole U.S. government emails, an incident that prompted a U.S. senator to accuse Microsoft of “cybersecurity negligence.”

The M365 hack,  is still being investigated by the Department of Homeland Security’s Cyber Safety Review Board (CSRB)

The organiztaion faced intense criticism for its approach to third-party vulnerability research of its cloud products and continues to struggle with faulty and incomplete patches and a surge in Windows zero-day attacks.

Further Microsoft announced plans to expand logging defaults for lower-tier M365 customers and increase the duration of retention for threat-hunting data.

Microsoft says it rakes in about $20 billion a year in cybersecurity-related revenue.

(Image courtesy: worldforum)

Leave a Reply

Your email address will not be published. Required fields are marked *