Contacted directly, Johnson, who has served in a variety of senior cybersecurity roles at Microsoft since she joined the software giant in December 2015, did not answer any questions about whether she will relocate to Europe while she holds the role, or how temporary she expects it to be. She referred the queries to Microsoft PR, who declined to comment.
In his LinkedIn post, Tsyganskiy explained that the Cybersecurity Governance Council, which was created in 2024, consists of “our Global CISO and Deputy Chief Information Security Officers (Deputy CISOs) representing each of our technology services. This Council oversees the company’s cyber risks, defenses, and compliance across regions and domains.”
“The Deputy CISO for Europe will be accountable for compliance with current and emerging cybersecurity regulations in Europe, including the Digital Operational Resilience Act (DORA), the NIS 2 Directive, and the Cyber Resilience Act (CRA),” Tsyganskiy wrote. “These laws will prove transformative not only in EU markets, but worldwide, and Microsoft is actively engaged in preparing for what lies ahead.”
