Microsoft Appoints Deputy CISO For Europe To Reassure European IT leaders

Microsoft has appointed a Deputy CISO for Europe to address growing regulatory pressure and reassure EU leaders about its cybersecurity commitment. 'The move also highlights strong fears from European IT execs and government officials that the Trump administration may exert significant influence on cybersecurity companies,' reports CSO Online. From the report: Who that Deputy CISO will ultimately be is unclear. Wednesday's statement simply said that Microsoft CISO Igor Tsyganskiy is 'appointing a new Deputy CISO for Europe as part of the Microsoft Cybersecurity Governance Council,' but the phrasing made it unclear when that would happen. However, Tsyganskiy made a separate announcement on LinkedIn that he has given the role to current Deputy CISO Ann Johnson. But he then said that Johnson, who is based at Microsoft's head office in Redmond, Washington, will hold that post 'temporarily.'

In his LinkedIn post, Tsyganskiy explained that the Cybersecurity Governance Council, which was created in 2024, consists of 'our Global CISO and Deputy Chief Information Security Officers (Deputy CISOs) representing each of our technology services. This Council oversees the company's cyber risks, defenses, and compliance across regions and domains.' 'The Deputy CISO for Europe will be accountable for compliance with current and emerging cybersecurity regulations in Europe, including the Digital Operational Resilience Act (DORA), the NIS 2 Directive, and the Cyber Resilience Act (CRA),' Tsyganskiy wrote. 'These laws will prove transformative not only in EU markets, but worldwide, and Microsoft is actively engaged in preparing for what lies ahead.' Microsoft said in Wednesday's statement: 'the appointment of a Deputy CISO for Europe reflects the importance and global influence of EU cybersecurity regulations and the company's commitment to meeting and exceeding those expectations to prioritize cybersecurity across the region. This new position will report directly to Microsoft's CISO.'

Michela Menting, France-based digital security research director at ABI Research, said when she heard on Wednesday that Microsoft was creating such a role, 'I was mostly surprised that they don't already have one.'

'GDPR has been in place for quite some time now and the fact they are only now putting in a European deputy CISO is concerning,' Menting added. 'They are playing catch up.'

Read more of this story at Slashdot.