APHINIA - Your Weekly CISO Wire
Happy New Year! I hope it is off to a strong start for you!
Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:
These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:
Todd Sharkey was appointed as CISO at Lorain County.
Ray Cotton was appointed as CISO at Archer.
Stephen K Brannon was appointed as CISO at Integrated Specialty Coverages, LLC.
Andrea Coyne was appointed VP, CISO, at Banner Health.
Jason Kichen was appointed as CISO at Fluidstack.
James Rothman was appointed as CISO at Medtronic Diabetes.
Appointed? Promoted? Let us know!
Aphinia is growing! Say hello, reach out and connect with our new members:
Brandon Lindsay, Director, Information Security & Data Protection, HIAS
Dean Gibson, Senior Director, IT Infrastructure and Security, Quva Pharma
Fred Harder, Senior Director of Security Engineering, Dun and Bradstreet
Ioannis Haviaras, Manager, Governance, Risk and Compliance, Comcast
Jim Lola, CISO & Head of IT, Sonim Technologies, Inc.
Mike Gala, VP, Cybersecurity, Comcast
Welcome on board!
Who in your network can benefit from Aphinia? Please send them here »
Not yet a member? Apply here »
Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min
Do you want to impart your wisdom and share actionable insights? And, importantly, to further enhance your personal brand so that you would get:
a new Advisory role or a consulting gig
a promotion or appointment
a book deal or a speaking engagement at an industry conference
Our dance card is filling up fast, here’s the link to grab your time slot now: https://calendly.com/aphinia/30min
Meanwhile, check out our recent conversation with Ram Hedge (CISO, Genpact) on all things cybersecurity.
Full interview here»
Several important events happened that merit your attention:
U.S. considers criminal penalties for nonconsensual deepfake porn: The U.S. Sentencing Commission is seeking public input on how to classify and penalize nonconsensual deepfake pornography under the Take It Down Act. Proposed penalties include fines and prison terms.
Trump signs defense bill strengthening cybersecurity: President Trump signed the 2026 Defense Bill, which funds U.S. Cyber Command and requires secure Pentagon phones. It preserves Cyber Command’s dual leadership with the NSA and promotes unified cybersecurity policies.
South Korea adopts mobile facial ID: South Korea will require facial recognition to obtain new mobile numbers from March 23 to curb identity theft and phone-based scams. The policy targets illegal device registrations following widespread voice phishing and a major telecom data breach.
Russia proposes age restrictions for social media access: Russian authorities are considering restricting access to social media, allowing it only to users aged 16 and older and requiring passport identification for adult content. The move aims to regulate online content, including games, WhatsApp, and AI technologies, to protect children.
Meta’s AI chat ads raise privacy concerns: Meta’s new policy uses interactions with its AI chat features to target ads, and users cannot opt out. Privacy experts warn this could exploit sensitive personal information and incentivize addictive engagement, raising risks for mental health and child safety.
Surge in criminal use of DIG AI on the Darknet: Resecurity reports a surge in the use of DIG AI on Tor, enabling criminals to scale illegal activities, including producing synthetic CSAM.
Cellik malware targets Google Play apps: The new Cellik Android malware lets attackers create malicious versions of legitimate Google Play apps, potentially bypassing Play Protect. It can steal credentials, stream the screen, exfiltrate files, and execute hidden browser actions, making infections difficult to detect.
Nomad to repay users after $186M cyberattack: The FTC has ordered the blockchain firm Nomad to repay $37.5 million to users following a 2022 hack that exposed major security failings. The company must also implement a strong security program, undergo third-party assessments, and refrain from misrepresenting its product security.
Industry news: Gambit Cyber, a Dutch cybersecurity startup, has raised $3.4 million. Adaptive Security, a New York-based risk analysis and threat response platform, has raised $81 million. Vega Security, an Israeli cybersecurity firm that offers an AI-native detection and response system, has raised $120 million. itSynergy acquired Comply’s Itegria. Integrity360 acquired Cresco. Silent Push acquired HYAS.
These senior cybersecurity executive roles you may want to forward to your friends and colleagues:
Landmark Credit Union is looking for a Chief Information Security Officer in Brookfield, WI.
Hillenbrand is looking for a Vice President & Chief Information Security Officer in Cincinnati, OH.
Starburst is looking for a Chief Information Security Officer in San Francisco, CA.
Texas A&M Engineering is looking for a Chief Information Security Officer in College Station, TX.
Sutter Health is looking for a Vice President, Chief Information Security Officer in Sacramento, CA.
Finzly is looking for a Chief Information Security Officer in Charlotte, NC.
GDIT is looking for a Chief Information Security Officer, Veterans Affairs Business Area (remote).
Equity Prime Mortgage is looking for a Chief Information Security Officer/Chief Technology Officer (remote).
Council Capital is looking for a Chief Information Security Officer (remote).
Looking for a job? Hiring? Let us know.
Aphinia is hosting a CISO Mastermind dinner in the Bay Area on February 19, 2026
If you are a cybersecurity practitioner local to the Bay Area, this is a must-attend event. Space is very limited, save your seat today!
Quick Sign Up - Aphinia In-Person CISO Mastermind Dinners:
Events are filling up very fast. So if you are traveling to the conferences or local to these cities, sign up today:
CISO Mastermind dinner - Feb 19 - Bay Area, CA - Save your seat today
FS-ISAC Mastermind dinner - Mar 1 - Orlando, FL - Save your seat today
RSAC Mastermind dinner - Mar 23 - San Francisco, CA - Save your seat today
Gartner Risk Mastermind dinner - Jun 1 - Washington, DC - Save your seat today
Identiverse Mastermind dinner - Jun 15 - Las Vegas, NV - Save your seat today
SecTor Mastermind dinner - Oct 5 - Toronto, ON - Save your seat today
Black Hat Mastermind dinner - Aug 2 - Las Vegas, NV - Save your seat today
re:Invent Mastermind dinner - Las Vegas, NV - Save your seat today
Gartner IAM Mastermind dinner - Dallas, TX - Save your seat today
=> Want to host or sponsor a CISO Mastermind around a conference you are going to or in the city where you live? Reach out!
Industry Events:
RSAC is taking place on March 22-26, 2026 in San Francisco, CA.
Black Hat is taking place on Aug 1-6, 2026 in Las Vegas, NV.
Attending or hosting an event? Let us know!
Bad actors have been busy recently 📈:
Baker University has revealed a 2024 data breach that exposed personal, financial, and health information of over 53,000 individuals.
A ransomware attack over the weekend compromised systems at Romania’s water management authority, impacting multiple regional offices.
Nissan has confirmed that a Red Hat data breach, which occurred in September, exposed the personal information of around 21,000 customers in Japan.
A hacker has exposed and taken control of more than 1,000 phones in a phone farm operated by Doublespeed, an Andreessen Horowitz-backed startup; the farm runs undisclosed AI-generated ads on TikTok.
Tech provider for NHS England, DXS International, disclosed a cyberattack last Thursday, with a ransomware group, DevMan, claiming to have stolen 300GB of data.
The University of Phoenix has acknowledged that millions of people were affected by the cyberattack involving its Oracle E-Business Suite platform.
Former Israeli Prime Minister Naftali Bennett has confirmed hackers accessed his Telegram account, but claims his phone was not breached.
More than 27,000 individuals were affected after a cyberattack exposed historical data files belonging to staff, students, and alumni at the University of Sydney.
A successful cyberattack on Venezuela’s PDVSA disrupted administrative systems, though the company denied any impact on oil exports.
Separate cyberattacks have targeted Cisco VPNs and email systems this month, exposing risks to business networks.
But a handful of guys were nabbed 👮‍♀️:
US charges 54 over Ploutus ATM jackpotting: The US Department of Justice has charged 54 individuals linked to Venezuela’s Tren de Aragua for using Ploutus malware to conduct large-scale ATM jackpotting attacks. Authorities say the group stole millions by forcing ATMs to dispense cash; the defendants now face decades-long prison sentences.
Ferry malware triggers arrest: French authorities have detained a Latvian crew member accused of installing malware on an Italian passenger ferry, potentially enabling remote control of the vessel. Investigators are probing suspected foreign interference.
Ukrainian hacker pleads guilty in Nefilim ransomware case: A 35-year-old Ukrainian, Artem Stryzhak, pleaded guilty in a US court to conspiracy for his role in Nefilim ransomware attacks targeting major companies worldwide. He faces up to 10 years in prison, while his alleged co-conspirator remains at large.
Hacker arrested after breach of France’s Interior Ministry: French authorities arrested a 22-year-old suspect over a cyberattack that breached the Interior Ministry’s email systems earlier this month. Investigators are probing possible links to BreachForums, which claimed responsibility for the attack.
Three suspects arrested over Microsoft 365 phishing: Three individuals were arrested in Nigeria for operating the Raccoon0365 phishing platform, which compromised more than 5,000 Microsoft 365 accounts worldwide. Authorities seized laptops and other devices linked to the scheme after receiving intelligence from Microsoft.
Stay safe.
Misha Sobolev
Aphinia
***
P.S.: Are you a senior GTM executive at a cybersecurity company wanting to get your story in front of 2,000+ cybersecurity executives? Sponsor a thought leadership section in the next issue of CISO Wire.










