Sony plucks first CISO from US Dept of Homeland Security

Four months after devastating breach, Sony finds its man.
  • Liam Tung (CSO Online)
  • — 07 September, 2011 06:22

Sony has named US government cyber security czar Phillip Reitinger its first chief information security officer (CISO).

The newly filled post was one of Sony’s key responses to its first major customer data breach in which 77 million customers personal details were compromised.

Reitinger joins Sony from the Department of Homeland Security’s National Protection and Programs Directorate, where he was also its director of the National Cybersecurity Centre. There he was responsible for coordinating “situational awareness”, interagency security information sharing and reducing risks across physical and cyber infrastructure. 

His experience would appear to be well suited to his new responsibilities, which include assuring the security of Sony’s systems, and overall information security, privacy and internet safety, while coordinating with the company’s headquarter groups and the security community to bring best practices to Sony.

Sony’s first CISO will also serve as a Sony senior vice president, according to the company.

At its May apology for the breach, Sony consumer division boss Kazuo Hirai announced the new security leadership role as part of its response to the attack.

Since the apology, hacking group LulzSec claimed to breach several Sony entertainment properties.

Hirai said the new CISO would report to incumbent CIO of the parent company Sony Corp., Shinji Hasejima, however Sony has now placed Reitinger beneath its executive vice president and general counsel, Nicole Seligman, a US attorney brought in by Sony chief Howard Stringer in 2001.   

Prior to his role at the DHS, Reitinger was Microsoft’s chief trustworthy infrastructure strategist as well as executive director for the US Department of Defense’s forensics and counter intelligence unit, DC3, or the Defense Cyber Crime Centre. 

Tags: cyber security czar Phillip Reitinger, breach, Department of Homeland Security National Protection, seurity, attack, careers, CISO, sony, cybercrime

Today's Approach to Security is Broken

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

ZENworks® Endpoint Security Management

Protect against bugs in USB Storage devices

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).

  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.