Microsoft Corp. has made a significant shakeup of its security team, as its longtime leader was put into a new role and a new chief information security officer was appointed Tuesday.

Igor Tsyganskiy, who joined Microsoft four months ago in the role of chief strategy officer, has been appointed the new CISO, replacing Bret Arsenault, who had held the role for 14 years.

Though Microsoft is hardly alone in being targeted by attackers and indeed presents a big target thanks to its size and pervasivness, it has suffered some large breaches recently. They include accidentally making 38 terabytes of internal data, including passwords, publicly accessible through a GitHub repository in September, a few months after Chinese hackers compromised a Microsoft engineer’s account to breach email accounts belonging to U.S. government agencies. And in August, the Cyber Safety Review Board launched an investigation into a high-profile breach that hit Microsoft Corp.’s Exchange Online email platform earlier this year.

It’s not clear whether those or other incidents spurred the shakeup.

Arsenault, who has been moved to a new role as chief security adviser, has been at Microsoft since 1990, according to his LinkedIn profile. He started as a senior engineer before serving in various security roles, including being appointed as Microsoft’s CISO in October 2009.

Prior to joining Microsoft, Tsyganskiy served as chief technology officer at Bridgewater Associates LP, a hedge fund that services institutional clients, including pension funds, endowments, foundations, foreign governments and central banks. Before that, Tsyganskiy worked as the senior vice president of product management at Salesforce Inc. and was the head of the advanced technology group at SAP SE.

Charlie Bell, Microsoft’s executive vice president of security, said on LinkedIn that the decision to shake up the company’s security leadership is part of Microsoft’s Secure Future Initiative. The initiative, announced by Microsoft in November, is an internal program designed to enhance the security of Microsoft’s vast array of software offerings.

Central to the Secure Future Initiative is an emphasis on reducing vulnerabilities within Microsoft’s product ecosystem. The company plans to increase the use of memory-safe programming languages like Java, C# and Python, which minimize the risk of specific bugs exploitable by cyber attackers.

Microsoft is also adopting CodeQL, a GitHub-developed open-source tool for automated vulnerability scanning in code and streamlining its threat modeling processes. With the initiative, Microsoft aims to double the pace of fixing vulnerabilities in its cloud services through the use of a remediation methodology called dSDL, which integrates continuous integration and continuous delivery software to accelerate the deployment of security patches.

“So much of the world depends on Microsoft for its digital safety and we need look no further than the news headlines to know we live in a rapidly evolving threat landscape, one that is highly demanding and drives us to continually innovate and deliver,” Bell said on LinkedIn. “Navigating all this requires a tremendous amount of leadership know-how and experience.”

Bell added that Tsyganskiy brings a “deep knowledge and experience from his previous role outside of Microsoft and I look forward to continuing to collaborate with him on this important work.”

Although not mentioned by Bell, Benzinga reported that the shakeup also included Aanchal Gupta, Microsoft’s deputy CISO who was expected to take over from Arsenault. Gupta has been shifted to the role of technical adviser to Ales Holecek, Microsoft’s corporate vice president of the Office Product Group in the Experiences and Devices division.

Image: Microsoft