Shortly after Microsoft CISO Igor Tsyganskiy took office in January 2024 it emerged that Redmond was under attack by a Russian threat group – which had spotted an insecure and exposed Microsoft “test tenant”, piggybacked from it onto another insecure application that had “elevated access to the Microsoft corporate environment,” and wreaked havoc.
“The subsequent days are some I remember vividly” Tsyganskiy said in an update on his efforts at Microsoft, detailing his subsequent creation of a new Office of the CISO and hiring of “a number of Deputy CISOs [who] work with our major product groups and programs to drive greater depth and rigor in cybersecurity governance across the entire company…”
