Recent Cybersecurity Appointments Highlight Leadership Shifts Across Enterprise and Government

Geoff Belknap – Microsoft
Geoff Belknap has been promoted to Operating CISO for Core and Enterprise at Microsoft, where he now oversees security for core infrastructure, corporate applications and M&A activity. He previously served as Deputy CISO at Microsoft and was formerly the CISO of LinkedIn. (source)

Michael Srihari – Microsoft
Michael Srihari has been promoted to Operating CISO for Operations and Compliance, responsible for the cross-functional operations that protect Microsoft’s global environment. Srihari joined Microsoft in 2024 from Bridgewater Associates. (source)

Sherrod DeGrippo – Microsoft
Sherrod DeGrippo has been promoted to Deputy CISO for the Customer Security Management Office. She previously led Threat Intelligence Strategy at Microsoft and will oversee customer-facing CISO programs and communications. (source)

Matt Thompson – Socure
Sozure has appointed Matt Thompson as its President and Chief Commercial Officer. He previously served as Chief Revenue Officer and led the company’s public sector business. In his new role, Thompson will oversee commercial strategy and go-to-market execution, bringing experience across identity, fraud prevention, and government-focused security programs. (source)

Andrew McCarthy – CISA
Andrew McCarthy has been appointed Chief of Staff at the Cybersecurity and Infrastructure Security Agency. He will oversee daily operations and support strategic coordination across the agency’s cybersecurity and critical infrastructure missions, working closely with senior leadership. (source)

Stephanie Furfaro – HackerOne
Stephanie Furfaro has been appointed Chief Revenue Officer at HackerOne. She will lead global revenue operations, partnerships, and customer growth initiatives, bringing experience in scaling enterprise technology and security-focused platforms. (source)

Stacy Leidwinger – HackerOne
Stacy Leidwinger will serve as the Chief Marketing Officer at HackerOne. She will oversee global marketing strategy, brand positioning, and demand generation, supporting the company’s continued expansion in vulnerability disclosure and security testing services. (source)

Guillaume Poupard – Orange

Guillaume Poupard has been appointed to lead Orange’s strategy on sovereignty and trust, reporting directly to CEO Christel Heydemann. He will work closely with Orange Business and Orange Cyberdefense to accelerate the development of cybersecurity offerings across B2C and B2B markets, as well as trusted cloud and AI solutions. (source)

Arul Sakthivel – Indo Count Industries Limited

Arul Sakthivel has been appointed Vice President–Information Technology at Indo Count Industries Limited. A senior management appointment, Sakthivel brings more than 30 years of experience across IT project management, infrastructure operations, cybersecurity, data center management, and business continuity planning. (source)

Rahul Rasgotra – Government of Mauritius

Rahul Rasgotra, a retired Indian Police Service officer of the 1989 batch, has been appointed National Security Advisor to Mauritius. A former Director General of the Indo-Tibetan Border Police, Rasgotra previously served as Deputy Director of India’s Intelligence Bureau, where he oversaw counterinsurgency, border management, and domestic intelligence operations. (source)

Michael Papay – Western Alliance Bancorporation

Michael Papay has been appointed to the Board of Directors at Western Alliance Bancorporation, strengthening the bank’s cybersecurity and technology risk oversight as it approaches $100 billion in assets. A recognized cybersecurity expert, Papay previously led technology risk and information security at American Express and has advised U.S. government agencies including Homeland Security, the Department of Defense, the FBI, and the Federal Reserve. (source)

Clarke R. Starnes III – Western Alliance Bancorporation

Clarke R. Starnes III has joined the Board of Directors at Western Alliance Bancorporation, adding senior expertise in risk governance and regulatory oversight as the bank expands its balance sheet. Starnes spent more than a decade leading enterprise risk functions at Truist and its predecessor BB&T. (source)

Sameer Ratolikar – HDFC Bank

Sameer Ratolikar has been elevated to Group Head and Chief Information Security Officer at HDFC Bank, effective December 1, 2025, following board approval. In this role, he leads the bank’s enterprise information security strategy and oversees a cybersecurity team of more than 130 professionals. Ratolikar is responsible for aligning cyber defense, regulatory compliance, and digital risk management across the bank’s technology environment. (source)

Jonathan Niednagel – Wisr AI Systems
Jonathan Niednagel has joined the board of Wisr AI Systems, contributing extensive experience in cybersecurity risk, third-party risk governance, and compliance oversight. He has spent more than two decades working across enterprise security and GRC, with leadership roles spanning product, advisory, and executive functions at multiple cybersecurity firms. (source)

Geoffrey Mattson – SecureAuth

Geoffrey Mattson will serve as the Chief Executive Officer at SecureAuth. He brings experience leading cybersecurity and AI-focused companies, including serving as CEO of Xage Security and co-founding MistNet.ai. His background spans identity security, threat detection, and large-scale distributed systems. He will lead SecureAuth as enterprises adapt identity controls to support human, machine, and AI-driven access. (source)

Hussam Sidani – OPSWAT

Hussam Sidani has been appointed Vice President for the Middle East and North Africa at OPSWAT, where he will lead the company’s regional strategy and operations. With 25 years of experience building and scaling cybersecurity businesses across the Middle East, Turkey, and Africa, Sidani’s career spans senior leadership roles at Cybereason, FireEye, and Symantec. (source)

Cel Mantua – CREST Asia Council

Cel Mantua, Chief Operating Officer of RT&Co. Cybersecurity, has been appointed to the CREST Asia Council, a regional body that oversees professional standards for technical cybersecurity services. In this role, Mantua will contribute to the development and oversight of best practices across areas such as penetration testing, incident response, threat intelligence, and security operations. (source)