Sony plucks first CISO from US Dept of Homeland Security

Sony has named US government cyber security czar Phillip Reitinger its first chief information security officer (CISO).

The newly filled post was one of Sony’s key responses to its first major customer data breach in which 77 million customers personal details were compromised.

Reitinger joins Sony from the Department of Homeland Security’s National Protection and Programs Directorate, where he was also its director of the National Cybersecurity Centre. There he was responsible for coordinating “situational awareness”, interagency security information sharing and reducing risks across physical and cyber infrastructure. 

His experience would appear to be well suited to his new responsibilities, which include assuring the security of Sony’s systems, and overall information security, privacy and internet safety, while coordinating with the company’s headquarter groups and the security community to bring best practices to Sony.

Sony’s first CISO will also serve as a Sony senior vice president, according to the company.

At its May apology for the breach, Sony consumer division boss Kazuo Hirai announced the new security leadership role as part of its response to the attack.

Since the apology, hacking group LulzSec claimed to breach several Sony entertainment properties.

Hirai said the new CISO would report to incumbent CIO of the parent company Sony Corp., Shinji Hasejima, however Sony has now placed Reitinger beneath its executive vice president and general counsel, Nicole Seligman, a US attorney brought in by Sony chief Howard Stringer in 2001.   

Prior to his role at the DHS, Reitinger was Microsoft’s chief trustworthy infrastructure strategist as well as executive director for the US Department of Defense’s forensics and counter intelligence unit, DC3, or the Defense Cyber Crime Centre.