Aphinia - Your Weekly CISO Wire

Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:

These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:

• Mike Rosen was appointed as CISO at iVerify.

• Jan Grzymala-Busse was appointed as CISO at TENEX.AI.

• Linda Hamill was appointed as CISO at Explore Digits Inc.

• Steve Baer was appointed as Field CISO at Digital Asset Redemption.

• Michael Shipp was appointed as CISO at Guggenheim Securities.

• Chris Betz was appointed as Global Field CISO at Omnissa.

• Jamison Utter was appointed as Field CISO at A10 Networks.

• Paul Yoo was appointed as CISO at Formal.

• Chris Livingston was appointed as Deputy CISO at Crum & Forster.

• Uriel Alvarez was appointed as SVP, CISO at Allied World.

Appointed? Promoted? Receive an Award? Let us know!

Aphinia is growing! Say hello, reach and connect with our new members:

• Audrey Hanson, CISO, Manufacturing

• Arif Basha, VP, CISO, Collectors Universe

• Chris Herbst, CISO, IP Corporation

• Dan Berry, Group information security manager, Focusrite

• Michael Alcide, Security Director, SanData

• Narendra Parachuri, AI and Cloud Architect, Starbucks

Welcome on board!

Who in your network can benefit from Aphinia? Please send them here »

Not yet a member? Apply here »

Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min

Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:

• a new Advisory role

• a consulting gig

• a promotion or appointment

• a book deal

• a speaking engagement at industry conference

Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min

Meanwhile, check out our recent conversation with our guests Renana Friedlich (CISO, LPL Financial) on how to succeed as a CISO and on all things cybersecurity.

Full interview here»

Several important events happened that merit your attention:

• Google launches AI to combat fraud: Google is introducing an AI-powered scam detection feature to protect Android users by identifying fraudulent calls and messages in real time. This feature, which launches first in English across the U.S., U.K., and Canada, flags suspicious patterns and alerts users to potential scams without compromising privacy.

• Ransomware attacks reach unprecedented speeds: CrowdStrike and ReliaQuest report that ransomware gangs now achieve lateral movement within 48 minutes on average after gaining access, down from 62 minutes in 2023. The fastest breakout time, which was recorded in just 51 seconds, highlights how cybercriminals are rapidly outpacing enterprise defenses.

• White House strengthens cybersecurity leadership with new ONCD head: The Office of the National Cyber Director (ONCD) is set to expand its authority as the executive branch’s lead on cybersecurity policy, with Sean Cairncross appointed to head the office.

• FTC drops case against MGM: The FTC has withdrawn its case against MGM Resorts over a 2023 ransomware attack, citing an administrative shift. The agency had sued in 2024 to enforce a Civil Investigative Demand, but the case was dropped after President Trump took office. Since its legal case began, MGM claims to have paid $45 million in lawsuit settlements.

• Switzerland enforces a 24-hour cyberattack reporting rule: Swiss companies are now required to report cyberattacks within 24 hours of detection, starting April 1, a move aimed at strengthening national cybersecurity.

• FBI recovers stolen Ripple crypto: The FBI has seized $24 million in stolen crypto linked to the January 2024 cyberheist targeting Ripple co-founder Chris Larsen. Hackers first gained access by stealing password stores from LastPass in 2022 and have been cracking them to drain crypto wallets. As of May 2024, over $250 million of crypto assets have been stolen using the LastPass data.

• 1Password adds location-based access: users can now assign physical locations to saved passwords, making them automatically appear in the new "Nearby" section of the home tab. This feature streamlines access by displaying relevant passwords based on location.

• Russia Exploits AI to Spread Disinformation: Pravda, a Russian disinformation network, is poisoning AI chatbots by flooding the web with pro-Kremlin falsehoods. NewsGuard reports that one in three responses from top AI models now reflect these manipulated narratives. The network expanded rapidly last year, publishing over 3.6 million fake articles across 200+ domains.

• Microsoft to retire Publisher in 2026: Microsoft will discontinue Publisher in October 2026, removing it from Microsoft 365 and ending support for the desktop version. After that date, users can no longer open or edit Publisher files, and the app will cease receiving security updates.

• UK banks fined over tech failures: Nine central UK banks and building societies, which suffered the equivalent of 33 days of outages over two years, have been ordered to pay £12.5m in compensation. A parliamentary Treasury group noted that these failures leave workers and businesses struggling, especially on payday.

• Record fraud losses soared in 2024: The FTC reported that Americans lost $12.5 billion to fraud in 2024, a 25% increase from the previous year. Investment scams led with $5.7 billion in losses, followed by imposter scams at $2.95 billion. Reports show that younger adults, ages 20 and 29 were among the most targeted groups.

• Google increases bug bounty rewards: Google awarded nearly $12 million in bug bounties to 660 researchers last year, bringing total payouts since 2010 to over $65 million. It revamped its reward structure, offering up to $300,000 for mobile app flaws and $250,000 for Chrome bugs.

• Bill mandates stronger cybersecurity for contractors: The Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025 now requires contractors to implement NIST-aligned vulnerability disclosure programs to enhance best security practices. The Office of Management and Budget, CISA, and other relevant agencies will oversee this.

• Industry news: Knostic, an emerging cybersecurity firm that provides access control to corporate Gen AI systems, has raised $11 million. Harmony Intelligence, an Australian-American cybersecurity start-up that creates AI defenses to protect people and infrastructure from AI threats, has raised $3 million. SpecterOps, a cybersecurity company that provides adversary-focused solutions, has raised $75 million. Armis acquires OTORIO. Zog acquires Ram Technologies and Cerberus Tech Solutions. ZehnTek acquires BossNine.

These senior cybersecurity executive roles you may want to forward to your friends and colleagues:

• Check Point is looking for a Field Chief Information Security Officer in Boston, MA.

• Colorado PERA is looking for a Chief Information Security Officer in Denver, CO.

• Two Barrels is looking for a Chief Information Security Officer in Spokane, WA.

• Blue Foundry Bank is looking for a Chief Information Security Officer in Parsippany, NJ.

• The Texas Health and Human Services Commission is looking for a Deputy Chief Information Security Officer in Austin, TX.

• The County of Los Angeles is looking for a Chief Information Security Officer in Los Angeles, CA.

• Belmont Point is looking for a Chief Information Security Officer in Hollywood, MD.

• Thales is looking for a Director, Field Chief Information Security Officer (remote).

• Public Partnerships is looking for a Chief Information Security Officer (remote).

• CompassMSP is looking for a  Virtual Chief Information Security Officer (remote).

Looking for a job? Hiring? Let us know.

The Aphinia CISO Mastermind dinner in New Orleans, LA last Sunday was a blast. Thank you everyone who participated.

These are virtual and live events for the cyber community you may find interesting:

Aphinia Events:

• Seattle CISO Mastermind dinner is taking place on April 2, 2025 in Bellevue, WA. Our co-host is David Cross (CISO, Atlassian) and we expect 20+ prominent CISOs to join us. If you are in Greater Seattle area, this is a “must attend” event. Space is very limited, so join us here today.

• Chicago CISO Mastermind dinner is taking place on April 8, 2025 in Chicago, IL. This event is co-hosted by a cyber team of a Fortune 50 company and expect to be at capacity soon. Space is limited, so join us here today.

• RSAC CISO Mastermind dinner is taking place on April 27, 2025 in San Francisco, CA. If you are going RSAC this year, this is a “must attend” event. Space is limited, so join us here today.

• Houston CISO Mastermind dinner is taking place on May 14, 2025 in Houston, TX. Our co-host is Greg Wilson (ex-CISO, Putnam Investments) and we expect 20+ prominent CISOs to join us. If you are in the Greater Houston area, this is a “must attend” event. Space is limited, so join us here today.

• Dallas CISO Mastermind dinner is taking place on May 15, 2025 in Dallas, TX. Our co-host is Peeyush Patel (CISO, XPO Logistics) and we expect 20+ prominent CISOs to join us. If you are in Dallas-Fort Worth area, this is a “must attend” event. Space is limited, so join us here today.

• Gartner CISO Mastermind dinner in staking place on June 8, 2025 in Washington, D.C. Our co-host is Ann Dunkin (CIO, U.S. Department of Energy) and we expect 20+ CISO to join us. Are you attending Gartner Security & Risk? Local to D.C. area? Sign up here today.

• Re:Inforce CISO Mastermind dinner is taking place on June 15, 2025 in Philadelphia, PA. Are you attending Re:Inforce? Local to Philadelphia? Space is limited, so join us here today.

• BlackHat CISO Mastermind dinner is taking place on Aug 3, 2025 in Las Vegas, NV. If you are going Black Hat this year, this is a “must attend” event. Space is limited, so join us here today.

• New York CISO Mastermind dinner is taking place on October 15, 2025 in New York, NY. If you are in New York, this is a “must attend” event. Space is limited, so join us here today.

• Re:Invent CISO Mastermind dinner is taking place on Dec 1, 2025 in Las Vegas, NV. If you are going Re:Invent this year, this is a “must attend” event. Space is limited, so join us here today.

=> Want to host or sponsor a CISO Mastermind around a conference you are going to or in the city where you live? Reach out!

Industry Events:

• RSAC is taking place on April 28-May 1, 2025 in San Francisco, CA.

• Identiverse is taking place on June 2, 2025 in Las Vegas, NV.

• Gartner: Security & Risk Management is taking place on Jun 8, 2025 in National Harbor, MD.

• Re:Inforce on June 15, 2025 in Philadelphia, PA.

• Black Hat is taking place on Aug 2-7, 2025 in Las Vegas, NV.

• InfoSec World is taking place on Sep 22, 2025 in Orlando, FL.

• SecTor is taking place on Oct 23, 2025 in Toronto, Canada.

• Re:Invent is taking place on Dec 2, 2025 in Las Vegas, NV.

• Gartner: Identity & Access is taking place on Dec 8, 2025 in Grapevine, TX.

• Black Hat Europe is taking place on Dec 9, 2025 in London, UK.

Attending or hosting an event? Let us know!

Bad actors have been busy recently 📈:

• A widespread outage hit X on Monday, disrupting access for thousands of users. Elon Musk later claimed a massive cyberattack caused it.

• The government of Mission, Texas, has filed a state of emergency after a cyberattack compromised all data on city systems.

• Four healthcare data breaches exposed the sensitive information of over 560,000 people, and ransomware gangs Rhysida and BianLian claimed responsibility.

• Details of a January 2024 cyberattack on the Toronto Zoo reveal that visitor data from 2000 to 2023, including names, contact information, and partial credit card details, was exposed.

• Presto, a U.S. home appliance company, was hit by a cyberattack on March 1. The attack affected its network, causing delays in manufacturing and shipments.

• About 18,000 corporate customers may have had their data compromised in a recent breach of NTT’s system, though individual consumer information remains unaffected.

• Skira Team has claimed responsibility for a December 2024 cyberattack on Carruth Compliance Consulting, which exposed the data of over 40,000 U.S. school employees.

• An American journalist faces legal action from HCRG, which has turned to UK courts to prevent the publication of confidential data stolen in its breach.

• Hunters International threatens to release 1.4TB of stolen data after claiming responsibility for a cyberattack on Tata Technologies.

• DeFi platform 1 Inch has lost over $5 million in crypto assets after a smart contract breach by a hacker who later returned the funds for a $450,000 bounty.

• Russia's FSB has disclosed a thwarted Ukrainian cyberattack aimed at stealing and exploiting personal data from young military trainees in Moscow.

But a handful of guys were nabbed 👮‍♀️:

• Malware-fueled ATM scam lands two suspects in custody: Two Venezuelan nationals have been arrested in Illinois for hacking ATMs in New York and possibly Massachusetts and Illinois, using malware to steal about $187,000. They now face bank theft and conspiracy charges, carrying a potential 10-year prison sentence.

• Developer sentenced for cyber sabotage after firing: Davis Lu, 55, could serve up to 10 years in prison after secretly planting a kill switch in Eaton Corporation’s systems. The code activated upon his termination, locking out thousands of employees and crippling company operations.

• U.S. charges Chinese hackers over cyber espionage: The U.S. Justice Department has charged Chinese state security officers, alongside APT27 and i-Soon hackers, for global cyberattacks since 2011. Their targets included U.S. government agencies, Asian foreign ministries, dissidents, and significant U.S. religious organizations.

• Two charged for operating illicit crypto exchange Garantex: Aleksej Besciokov, 46, and Aleksandr Mira Serda, 40, have been charged for running Garantex, a crypto exchange that processed hundreds of millions in criminal proceeds. Authorities say it facilitated hacking, ransomware, terrorism, and drug trafficking, causing significant harm to U.S. victims.

• Tax scam mastermind brought to justice: Matthew A. Akande, a Nigerian man residing in Mexico, has been extradited to the US for allegedly orchestrating a cyberattack on a Massachusetts tax firm. His operation, which spanned five years, secured him over $1.3 million in fraudulent tax refunds.

Stay safe.

Misha Sobolev

Aphinia

***

P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 2,000+ of cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.