APHINIA - Your Weekly CISO Wire
FINAL REMINDER! Fill out this survey today!
Our friends at Hitch Partners are conducting the annual CISO Compensation and Trends Survey and we want to give the first look to the Aphinia community.
Just so you know, last year’s survey alone was used to assist 250+ CISOs and companies with compensation and scope direction.
Fill out this quick survey here » … and YOU will be the first one to see the results to benchmark your comp package against peers or power up your negotiation for your next CISO role.
Here is the link to the survey »
***
Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:
These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:
Brian Blakley was appointed as CISO at Bellini Capital.
Chris Castaldo was appointed as CISO at Flock Safety.
Sherrod DeGrippo was appointed as Deputy CISO, Customer Security Management Office at Microsoft.
Michael Srihari was appointed as Operating CISO for Operations & Compliance at Microsoft.
Geoff Belknap was appointed as Operating CISO for Core & Compliance at Microsoft.
Andrea Terry was appointed as CISO, Security Engineering at Microsoft.
Martin Delisle was appointed as CISO at Haus.
John Walp was appointed as VP, CISO at Point C.
Appointed? Promoted? Let us know!
Aphinia is growing! Say hello, reach and connect with our new members:
Altaf Uddin, CIO and CISO, Kansas Secretary of State
Anurag Bihani, Data Scientist, SLB
Brandon Lindsay, Director, Information Security & Data Protection, HIAS
Dean Gibson, Senior Director, IT Infrastructure and Security, Quva Pharma
Fred Harder, Senior Director of Security Engineering, Dun and Bradstreet
Ioannis Haviaras, Manager, Governance, Risk and Compliance, Comcast
Jim Lola, CISO & Head of IT, Sonim Technologies, Inc.
Mike Gala, VP, Cybersecurity, Comcast
Welcome on board!
Who in your network can benefit from Aphinia? Please send them here »
Not yet a member? Apply here »
Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min
Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:
a new Advisory role or a consulting gig
a promotion or appointment
a book deal or a speaking engagement at an industry conference
Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min
Meanwhile, check out our recent conversation with Sekhar Nagasundaram (Global Head of Cybersecurity Threat Management, Elevance Health) on all things cybersecurity.
Full interview here»
Several important events happened that merit your attention:
US Halts Sanctions on Chinese spy agency: The US has paused plans to sanction China’s Ministry of State Security over the Salt Typhoon cyberespionage campaign to preserve the trade truce struck by Trump and Xi Jinping. The decision has raised concerns that national security is being compromised for economic and diplomatic stability.
Government lifts mandatory installation of cybersecurity app: The Indian government has removed the requirement for mobile manufacturers to pre-install the Sanchar Saathi app, which helps citizens report cyber fraud while protecting their data. With 1.4 crore users reporting 2,000 daily frauds, the app’s voluntary use keeps rising.
NSA achieves workforce reduction goals: The NSA has cut around 2,000 employees this year through terminations, voluntary departures, and deferred resignations. The agency may face further cuts as the Pentagon seeks to reduce the defense budget, while leadership and mission priorities are being reorganized.
Taiwan bans Chinese app RedNote: Taiwan has blocked the Chinese social media app RedNote for one year following over 1,700 reported fraud cases and $7.9 million in losses. The ban affects at least three million users as authorities cite data security risks and the app’s failure to comply with local regulations.
Portugal updates cybercrime law for security researchers: Portugal has amended its cybercrime law to exempt good-faith security researchers from prosecution if they follow strict rules while identifying and reporting vulnerabilities. The legal change ensures that researchers can help improve cybersecurity without fear of criminal liability.
Trump administration unveils new cybersecurity strategy: The Trump administration will release a six-pillar national cybersecurity strategy in January, focusing on offense, deterrence, workforce, infrastructure, and emerging technologies to strengthen U.S. cyber defenses.
Russia blocks Snapchat, Roblox, and FaceTime: Russia’s Roskomnadzor has blocked Snapchat, Roblox, and FaceTime, citing their use in criminal and terrorist activities. Snapchat’s disappearing-message feature was specifically highlighted as a security risk.
UK strengthens cyber protection of organisations via NCSC: The NCSC has launched a service which sends emails, in partnership with Netcraft, to alert organisations about security vulnerabilities and suggest updates. The service also provides early warnings to help UK organisations protect their networks from cyber threats.
Arizona attorney sues Temu for alleged data theft: Arizona Attorney General Kris Mayes sued Chinese retailer Temu, accusing it of secretly collecting sensitive user data and using malware-like code. The lawsuit also claims Temu copies U.S. brands and may hand over data to the Chinese government.
US ends cybersecurity pay incentive program: The Trump administration will eliminate the Cybersecurity Retention Incentive Program in 2026, which aimed to attract and retain experts at CISA. The move affects nearly half of the agency’s employees and comes amid criticism of mismanagement and abuse of the program.
NATO conducts largest-ever cyberdefense exercise: NATO ran its biggest-ever cyber exercise in Estonia, training 1,300 participants to defend critical infrastructure and respond to hybrid threats. The drill focused on collaboration, intelligence sharing, and handling complex scenarios, including space-based attacks.
US coast guard mandates cybersecurity training: The US Coast Guard requires all personnel with IT or OT access to complete cybersecurity training by January 12, 2026. The policy includes provisions for monitoring untrained personnel, maintaining training records, and ensuring contractors meet regulatory standards.
Industry news: COGNNA, a Saudi Arabia-based cybersecurity company that delivers AI‑powered, managed SOC services, has raised $9.2 million. Resemble AI, a Generative AI verification provider, has raised $13 million. Imper.ai, which protects against AI impersonation using real‑time identity verification, has raised $28 million. 7AI, a Boston-based agentic security platform, has raised $130 million. SPIE acquired Cyqueo. Synergy ECP acquired NetServices. Red River acquired Invictus.
These senior cybersecurity executive roles you may want to forward to your friends and colleagues:
Subway is looking for a Chief Information Security Officer in Shelton, CT.
Highgate Hotels is looking for a Vice President IT Security & CISO in Irving, TX.
The University of Virginia is looking for a Deputy Chief Information Security Officer in Charlottesville, VA.
Cook Children’s Health Care System is looking for a VP Chief Information Security Officer in Fort Worth, TX.
General Dynamics Mission Systems is looking for a Chief Information Security Officer in Chantilly, VA.
Vestwell is looking for a Chief Information Security Officer in New York City, NY.
Incendia Partners is looking for a Chief Information Security Officer in Nashua, NH.
RKON is looking for a Senior Virtual CISO (vCISO) - GRC Advisor (remote).
Vanta is looking for a Field Chief Information Security Officer (remote).
Looking for a job? Hiring? Let us know.
Quick Sign Up - Aphinia In-Person CISO Mastermind Dinners:
Events are filling up very fast. So if you are traveling to the conferences or local to these cities, sign up today:
FS-ISAC - March 1, 2026 - Orlando, FL - Save your seat today
RSAC - March 23, 2026 - San Francisco, CA - Save your seat today
Gartner Risk Summit - June 1, 2026 - Washington, DC - Save your seat today
Identiverse - June 15, 2026 - Las Vegas, NV - Save your seat today
SecTor - October 5, 2026 - Toronto, ON - Save your seat today
Black Hat - August 2, 2026 - Las Vegas, NV - Save your seat today
Re:Invent - Las Vegas, NV - Save your seat today
Gartner IAM - Dallas, TX - Save your seat today
=> Want to host or sponsor a CISO Mastermind around a conference you are going to or in the city where you live? Reach out!
Industry Events:
RSAC is taking place on March 22-26, 2026 in San Francisco, CA.
Black Hat is taking place on Aug 1-6, 2026 in Las Vegas, NV.
Attending or hosting an event? Let us know!
Bad actors have been busy recently 📈:
Vitas Healthcare has revealed that its October breach exposed the personal data of over 300,000 former and current patients.
Notorious hacker group Banished Kitten has accidentally exposed access to Thailand’s Suvarnabhumi Airport while claiming to have targeted Israeli airport security.
A massive data leak from a startup AI image generator, DreamX, revealed over 1 million images and videos, including nudity and potentially exploitative content involving children.
The University of Phoenix has joined the growing list of institutions whose sensitive data was stolen via an Oracle E-Business Suite zero-day exploit.
A major leak at Chinese cybersecurity firm Knownsec exposed internal documents and raised new questions about the company’s transparency and role in China’s cyber ecosystem.
Pharma firm Inotiv has begun notifying 9,542 individuals that their personal data was stolen in an August 2025 ransomware attack claimed by the Qilin group.
Over 74 U.S. banks and credit unions had customer data exposed in a ransomware breach at Marquis Software Solutions.
Notifications are underway after an unauthorized third-party breach exposed customer personal and contact details at Freedom Mobile.
French DIY retailer Leroy Merlin disclosed a data breach affecting customer personal information in France alone.
A security lapse caused by an incorrect application setting at Petco left customer data accessible on the internet until the company detected the issue and took corrective action.
Barts Health NHS has disclosed that Clop ransomware stole invoice data via an Oracle zero-day exploit, though patient records and core systems remain secure.
A Thanksgiving-week cyberattack on Truenorth caused temporary outages in three Puerto Rico agencies; however, personal information was not stolen.
But a handful of guys were nabbed 👮‍♀️:
Virginia brothers arrested for Government database sabotage: Two federal contractors from Virginia, Muneeb and Sohaib Akhter, were arrested for conspiring to delete and steal U.S. government data, including sensitive IRS and DHS records. They face a potential prison sentence of up to 45 years and 6 years respectively.
Teen hacker arrested for using ChatGPT in a massive cyberattack: A 17-year-old in Osaka was arrested for using self-created malware, enhanced with ChatGPT, to launch a cyberattack on an internet cafe’s systems, in which over 7 million pieces of personal data were compromised. He faces charges of unauthorized computer access and fraud, admitting he exploited system vulnerabilities for fun.
Rogue hacker meets justice in Russian court: Artem Khoroshilov, labeled a terrorist and extremist, was sentenced to 21 years in a maximum-security prison for orchestrating DDoS attacks on Russian Post in coordination with Ukrainian hackers. He also planned sabotage and illegally transferred funds to support Ukrainian military formations.
Three Ukrainian hackers nabbed in Poland: Polish police arrested three Ukrainians carrying advanced hacking equipment, allegedly intended to compromise national IT systems. The suspects now face charges of fraud, computer fraud, and possession of devices for criminal activity, with authorities seizing laptops, Flipper hacking tools, SIM cards, and other gear.
Stay safe.
Misha Sobolev
Aphinia
***
P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 2,000+ cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.










