Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
In this second part of our series, we'll introduce three more of Microsoft's deputy chief information security officers (CISOs) and share more about their background, role, and priorities. These leaders work in tandem with product and engineering leaders across the company to create accountability and advance cybersecurity protection for Microsoft, its customers, and the industry.
Terrell Cox: Shaping Microsoft's Product and Privacy Focus
Terrell Cox is part of the Microsoft Security division, where he delivers security, management, and privacy products. His dual focus includes serving as Deputy Chief Information Security Officer for our products and leading privacy, compliance, and risk efforts.
"It began with Public Key Infrastructure (PKI) work on Windows Server 2003," Terrell says of his journey into cybersecurity. "What hooked me to cybersecurity was the challenge of taking powerful security tools like encryption and making them usable and approachable."
Terrell's team oversees infrastructure used company-wide to ensure Microsoft respects customer data rights.
Damon Becknel: Ensuring Compliance Across Microsoft
Damon Becknel is part of the Microsoft Security division, and his job is to help divisions ensure they are compliant with regulations. He adopts best practices from regulated industries like banking and healthcare to provide guidance to teams on compliance.
"Actions speak louder than words," Damon emphasizes. "Communication is important, but more important is creating a safe space for that communication."
Ilya Grebnov: Setting High Standards in Microsoft Cloud and AI
Ilya Grebnov is part of the Microsoft Cloud and AI division, and his team is responsible for evaluating work against innovation to find a balanced approach. They prioritize critical and immediate threats and use prioritization frameworks to maintain this balance.
"Contrary to popular misconceptions, hackers typically operate as professionals rather than mere publicity seekers," Ilya notes. "Understanding that these actors often view their activities as employment, sometimes even state-sponsored, requires us to rethink our defensive strategies."
Security Success Hinges on Rigorous Process Discipline
The deputy CISOs underscore that cybersecurity success hinges on rigorous process discipline, not just technology. By redefining cyberattackers as persistent professionals and prioritizing fundamentals, they exemplify how security enables innovation.