APHINIA - Your Weekly CISO Wire
Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:
These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:
Joanna Chen was appointed as CISO at Dashlane.
David Christensen was appointed as CISO of Open Span.
Dmitry Golovin was appointed as CISO at IOTA software.
Saul Tenzer was appointed as Deputy CISO at Solar Turbines.
Stewart Wharton was appointed as CISO at NTT Global.
Lee Kaiser was appointed as CISO at Highspring.
Mukund Ravipaty was appointed as CISO at Join Digital.
Glenn Berryman was appointed as CISO at World Vision.
Drake Cody was appointed as Deputy CISO at Gallagher.
Eric Trzaskos was appointed as CISO at Cerence AI.
Sherri Babylon was appointed as Fractional CISO at BluVi LLC.
Appointed? Promoted? Received an award? Let us know!
Aphinia is growing! Say hello, reach out and connect with our new members:
Chris Herbst, CISO, IP Corporation
Dan Berry, Group information security manager, Focusrite
Michael Alcide, Security Director, SanData
Narendra Parachuri, AI and Cloud Architect, Starbucks
Welcome on board!
Who in your network can benefit from Aphinia? Please send them here »
Not yet a member? Apply here »
Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min
Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:
a new Advisory role
a consulting gig
a promotion or appointment
a book deal
a speaking engagement at an industry conference
Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min
Meanwhile, check out our recent conversation with Cass Mack (CISO, Spekit) on how to win as a CISO.
Full interview here»
Several important events happened that merit your attention:
U.S. warns citizens over Zambia’s new cyber law: The U.S. embassy has warned citizens about Zambia’s sweeping new cyber law allowing broad surveillance of electronic communications.
Chris Krebs resigns from SentinelOne: Chris Krebs resigned as SentinelOne’s Chief Intelligence and Public Policy Officer following the revocation of his security clearance and a presidential order to review his CISA leadership.
Dutch Government urged to replace costly contractors with AI: Researchers commissioned by the Dutch government recommend using technologies like AI to reduce reliance on external ICT staff and cut costs.
CISA cuts threat hunting tools amid push to shrink cyber agency: CISA is dropping key cyber threat hunting tools (VirusTotal and Censys) as part of broader cuts under pressure from the Trump administration to scale down.
Google uses AI to strengthen Ad platform security: In 2024, Google said it introduced over 50 improvements to its large language models to better detect and block fraudulent ads before they reach users. The company reported that these upgrades helped flag bad actors early, suspend over 700,000 scam accounts, and reduce impersonation scam reports by 90%.
Proposed fee for use of foreign software in Russia: Digital Development Minister Maksut Shadayev announced plans to introduce a bill in September to impose a special fee on companies using foreign software, excluding SMEs and public institutions.
Microsoft Office 2016 and 2019 support ending in 2025: Microsoft has announced that Office 2016 and 2019 will lose extended support on October 14, 2025, meaning no more updates, security fixes, or technical support will be available. Users have been advised to upgrade to Microsoft 365.
Japan warns of surge in hacked brokerage accounts: Japan’s Financial Services Agency reported a surge in unauthorized trades, totaling around $350 million in sales and $315 million in purchases, through hacked brokerage accounts. As of April 16, 12 securities firms reported over 3,300 illegal account accesses and 1,454 fraudulent transactions, with brokerages pledging to cover customer losses.
Industry news: Kenzo Security, a platform which uses agentic AI to modernize security operations, has raised $4.5 million. Reco AI, a cybersecurity firm leveraging an AI-native platform to protect SaaS environments, has raised $25 million. Exaforce, a San Francisco start-up which uses a multi-model AI platform to enhance security and operation teams, has raised $75 million. Infosys acquired The Missing Link. Momentum acquired Secher Security. One Source acquired CT Solutions.
These senior cybersecurity executive roles you may want to forward to your friends and colleagues:
Safran Group is looking for a Deputy Chief Information Security Officer in Huntington Beach, CA.
Natixis is looking for a Deputy Chief Information Security Officer in New York City, NY.
Lumentum is looking for a Chief Information Security Officer in San Jose, CA.
New Mexico State University is looking for a Chief Information Security Officer in Las Cruces, NM.
University of Michigan Academic Medical Centre is looking for a Chief Information Security Officer in Ann Arbor, MI.
Amedisys is looking for a VP/Chief Information Security Officer in Baton Rouge, LA.
University of North Carolina Asheville is looking for a Chief Information Security Officer in Asheville, NC.
Depot Connect International is looking for a Chief Information Security Officer in Tampa, FL.
Centre Technologies is looking for a Chief Information Security Officer in Houston, TX.
Surgery Partners is looking for a Chief Information Security Officer (remote).
Looking for a job? Hiring? Let us know.
Due to overwhelming demand, Aphinia is hosting a second CISO Mastermind at RSAC. If you are in town for RSAC, we have exactly two spots left:
=> for April 27 CISO Mastermind - RSVP here.
=> for April 28 CISO Mastermind - RSVP here.
These are virtual and live events for the cyber community you may find interesting:
Aphinia Events:
RSAC CISO Mastermind dinner is taking place on April 27, 2025 in San Francisco, CA. If you are going to RSAC this year, this is a “must attend” event. Space is limited, so sign up here today.
Houston CISO Mastermind dinner is taking place on May 14, 2025 in Houston, TX. We expect 20+ prominent CISOs to join us. If you are in the Greater Houston area, this is a “must attend” event. Space is limited, so sign up here today.
Dallas CISO Mastermind dinner is taking place on May 15, 2025 in Dallas, TX. Our co-host is Peeyush Patel (CISO, XPO Logistics) and we expect 20+ prominent CISOs to join us. If you are in the Dallas-Fort Worth area, this is a “must attend” event. Space is limited, so sign up here today.
Gartner CISO Mastermind dinner is taking place on June 8, 2025 in Washington, D.C. Our co-host is Ann Dunkin (CIO, U.S. Department of Energy) and we expect 20+ CISOs to join us. Are you attending Gartner Security & Risk? Local to the D.C. area? Sign up here today.
Re:Inforce CISO Mastermind dinner is taking place on June 15, 2025 in Philadelphia, PA. Are you attending Re:Inforce? Local to Philadelphia? Space is limited, so sign up here today.
BlackHat CISO Mastermind dinner is taking place on Aug 3, 2025 in Las Vegas, NV. If you are going to Black Hat this year, this is a “must attend” event. Space is limited, so sign up here today.
New York CISO Mastermind dinner is taking place on October 15, 2025 in New York, NY. If you are in New York, this is a “must attend” event. Space is limited, so sign up here today.
Re:Invent CISO Mastermind dinner is taking place on Dec 1, 2025 in Las Vegas, NV. If you are going to Re:Invent this year, this is a “must attend” event. Space is limited, so sign up here today.
=> Want to host or sponsor a CISO Mastermind around a conference you are going to or in the city where you live? Reach out!
Industry Events:
RSAC is taking place on April 28-May 1, 2025 in San Francisco, CA.
Identiverse is taking place on June 2, 2025 in Las Vegas, NV.
Gartner: Security & Risk Management is taking place on Jun 8, 2025 in National Harbor, MD.
Re:Inforce is taking place on June 15, 2025 in Philadelphia, PA.
Black Hat is taking place on Aug 2-7, 2025 in Las Vegas, NV.
InfoSec World is taking place on Sep 22, 2025 in Orlando, FL.
GrrCON 2025 will take place on October 2-3, 2025 at DeVos Place in Grand Rapids, Michigan.
The last CruiseCon was a blast and the next one is taking place on Oct 2-6 at sea (!) Use “Aphinia10” code to get a members-only discount before the early bird rate expires.
SecTor is taking place on Oct 23, 2025 in Toronto, Canada.
Re:Invent is taking place on Dec 2, 2025 in Las Vegas, NV.
Gartner: Identity & Access is taking place on Dec 8, 2025 in Grapevine, TX.
Black Hat Europe is taking place on Dec 9, 2025 in London, UK.
Attending or hosting an event? Let us know!
Bad actors have been busy recently 📈:
The infamous meme forum 4chan went down after a hacker compromised its system, leaking user and moderator data, including sensitive emails.
Fontys University suffered a data leak when confidential information became visible in public Teams channels, after which it restricted access and introduced stricter controls and awareness efforts.
Food retail giant Ahold Delhaize confirmed data was stolen in a November 2024 cyberattack, with ransomware group INC Ransom now claiming responsibility and leaking samples online.
A successful cyberattack on Legends International has exposed the personal data of over 8,000 employees and customers.
The hacker group Dark Storm Team has taken BreachForums offline in a DDoS attack, just as rumors spread about IntelBroker’s arrest.
Almost 325 GB of sensitive data, including juvenile records and crime case files, was leaked by the Kairos group after a cyberattack on the Baltimore City State’s Attorney’s Office.
Bell Ambulance and Alabama Ophthalmology Associates have confirmed ransomware-related data breaches that exposed the personal and health information of over 100,000 individuals.
Russia-backed APT29 is targeting European diplomats with fake wine-tasting invites to deploy a new malware loader, GRAPELOADER, an upgraded WINELOADER variant.
A breach in Abilene’s internal network has forced the city to shut down systems, disrupt card payments, and launch an investigation as recovery efforts continue.
Taiwanese shipping giant Wan Hai Lines confirmed a cyberattack took its website offline on Friday, though it reported no significant operational impact or breach of internal data.
But a handful of them were nabbed 👮‍♀️:
Iranian man charged for operating dark web marketplace: Behrouz Parsarad, an Iranian national, was charged for creating Nemesis Market, a dark web platform facilitating the sale of illegal drugs and cybercrime services, including money laundering. The market processed over 400,000 orders, including dangerous substances, before being seized by international authorities in March 2024.
Cybersecurity firm owner accused of malware attack: Jeffrey Bowie, CEO of an Edmond cybersecurity firm, has been accused of installing malware at St. Anthony Hospital, risking exposure of patient data. The hospital confirmed no data was accessed, and Bowie was arrested following the incident.
SmokeLoader malware operator faces federal charges for data theft: Nicholas Moses, alias “scrublord,” has been charged with federal hacking offenses for deploying the SmokeLoader malware to steal personal data from over 65,000 victims globally. Moses allegedly sold stolen credentials and maintained a command server in the Netherlands.
Dutch court convicts four in bank helpdesk fraud case: A Dutch court has sentenced four individuals to three years in prison for running a fraudulent bank helpdesk scheme from a makeshift call center found in a holiday home. The suspects were convicted of organized cybercrime, possession of victim data, and multiple instances of fraud, with damages awarded to both affected individuals and banks.
Stay safe.
Misha Sobolev
Aphinia
***
P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 2,000+ cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.