{"id":3020,"date":"2025-05-01T18:31:30","date_gmt":"2025-05-01T18:31:30","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=3020"},"modified":"2025-05-01T18:31:30","modified_gmt":"2025-05-01T18:31:30","slug":"microsoft-appoints-deputy-ciso-for-europe-to-reassure-european-it-leaders","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=3020","title":{"rendered":"Microsoft appoints Deputy CISO for Europe to reassure European IT leaders"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Microsoft on Wednesday announced that it will be creating a new position: a Deputy CISO for Europe.<\/p>\n<p>Who that Deputy CISO will ultimately be is unclear. Wednesday\u2019s statement simply said that Microsoft CISO Igor Tsyganskiy is \u201cappointing a new Deputy CISO for Europe as part of the Microsoft Cybersecurity Governance Council,\u201d but the phrasing made it unclear when that would happen.<\/p>\n<p>However, Tsyganskiy made a separate announcement on LinkedIn that he has given the role to current Deputy CISO Ann Johnson. But he then said that Johnson, who is based at Microsoft\u2019s head office in Redmond, Washington, will hold that post \u201ctemporarily.\u201d\u00a0<\/p>\n<p>Contacted directly, Johnson, who has served in a variety of senior cybersecurity roles at Microsoft since she joined the software giant in December 2015, did not answer any questions about whether she will relocate to Europe while she holds the role, or how temporary she expects it to be. She referred the queries to Microsoft PR, who declined to comment.<\/p>\n<p>In his <a href=\"https:\/\/www.linkedin.com\/posts\/igor-tsyganskiy-9385951_today-i-am-announcing-that-we-are-appointing-activity-7323361358345838593-8cKh\" target=\"_blank\" rel=\"noopener\">LinkedIn post<\/a>, Tsyganskiy explained that the Cybersecurity Governance Council, which was created in 2024, consists of \u201cour Global CISO and Deputy Chief Information Security Officers (Deputy CISOs) representing each of our technology services. This Council oversees the company\u2019s cyber risks, defenses, and compliance across regions and domains.\u201d<\/p>\n<p>\u201cThe Deputy CISO for Europe will be accountable for compliance with current and emerging cybersecurity regulations in Europe, including the Digital Operational Resilience Act (DORA), the NIS 2 Directive, and the Cyber Resilience Act (CRA),\u201d Tsyganskiy wrote. \u201cThese laws will prove transformative not only in EU markets, but worldwide, and Microsoft is actively engaged in preparing for what lies ahead.\u201d<\/p>\n<p>In <a href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2025\/04\/30\/european-digital-commitments\/\">Wednesday\u2019s statement<\/a>, Microsoft said, \u201cthe appointment of a Deputy CISO for Europe reflects the importance and global influence of EU cybersecurity regulations and the company\u2019s commitment to meeting and exceeding those expectations to prioritize cybersecurity across the region. This new position will report directly to Microsoft\u2019s CISO.\u201d<\/p>\n<p>The move also highlights <a href=\"https:\/\/www.computerworld.com\/article\/3975408\/microsoft-tries-to-reassure-europe-that-it-can-resist-the-us-government-europe-has-doubts.html\">strong fears from European IT execs and government officials<\/a> that the Trump administration may exert significant influence on cybersecurity companies. Those concerns were intensified by Trump\u2019s order to<a href=\"https:\/\/www.csoonline.com\/article\/3965056\/will-politicization-of-security-clearances-make-us-cybersecurity-firms-radioactive.html\"> yank security clearances from SentinelOne and former Trump official Chris Krebs<\/a> because of comments that Krebs made about election results.\u00a0<\/p>\n<p>An even bigger factor is the economic uncertainty around<a href=\"https:\/\/www.networkworld.com\/article\/3953796\/tariff-war-throws-building-of-data-centers-into-disarray.html\" target=\"_blank\" rel=\"noopener\"> tariffs and retaliatory tariffs<\/a>.\u00a0<\/p>\n<h2 class=\"wp-block-heading\">\u2018Playing catch up\u2019<\/h2>\n<p>Michela Menting, France-based digital security research director at ABI Research, said when she heard on Wednesday that Microsoft was creating such a role, \u201cI was mostly surprised that they don\u2019t already have one.\u201d<\/p>\n<p>\u201cGDPR has been in place for quite some time now and the fact they are only now putting in a European deputy CISO is concerning,\u201d Menting said. \u201cThey are playing catch up.\u201d<\/p>\n<p>Menting said this is consistent with Microsoft\u2019s minimal efforts in Europe over the years, adding, \u201cthey really now have to show that they are doing the utmost.\u201d<\/p>\n<p>Part of Microsoft\u2019s challenge, and therefore the challenge for the person who eventually holds this new role, is to convince European leaders that Microsoft is changing.<\/p>\n<p>The creation of the Deputy CISO for Europe role \u201cis not because they really believe in it. It\u2019s because they don\u2019t want to lose that business. It\u2019s that simple,\u201d Menting said. \u201cThey have been doing the bare minimum and that\u2019s why they are always in court here.\u201d<\/p>\n<p>Forrester VP\/research director Pascal Matzke, who is based in Germany, was somewhat unimpressed by the new role.\u00a0<\/p>\n<p>The creation of a Deputy CISO for Europe \u201cis great, but how does that translate into how new innovation stays within Europe?\u201d Matzke asked. \u201cThey could have pointed to some specific funding co-development,\u201d but they didn\u2019t.<\/p>\n<p>Phil Brunkard, an executive counselor at Info-Tech Research Group UK, said he saw the new Microsoft position as \u201ctelling Brussels [the European Union\u2019s de facto capital] \u2018OK. We\u2019ll play by your rules now.\u2019\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Microsoft on Wednesday announced that it will be creating a new position: a Deputy CISO for Europe. Who that Deputy CISO will ultimately be is unclear. Wednesday\u2019s statement simply said that Microsoft CISO Igor Tsyganskiy is \u201cappointing a new Deputy CISO for Europe as part of the Microsoft Cybersecurity Governance Council,\u201d but the phrasing made [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":3021,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3020","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3020"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3020"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3020\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/3021"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3020"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3020"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3020"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}