Bret Arsenault is Corporate Vice President and Chief Information Security Officer at Microsoft, the world’s largest software company. A global leader in virtually every technological arena, Microsoft strives to empower every person and organization to achieve more with best-in-class platforms and productivity services for a mobile-first, cloud-first world. With more than 118,000 employees and annual revenues of more than $93 billion, Microsoft is America’s third largest corporation.

Bret has a career-long reputation for turning technical knowledge and insight into action. As a transformational global business leader, he has consistently and continuously been a catalyst for cross-functional and cross-divisional strategic impact and the development of world-class solutions to big problems. Bret has operationally and strategically led divisions of the company through cultural change and technological repositioning, including building new businesses in eCommerce, integrating acquired new ventures, and driving product development. Active across the breadth of functional responsibility, he has leveraged sales & business development, operations, talent, engineering & product development, and risk management from the customer suite to the Boardroom, consistently driving competitive advantage.

In the CISO role since 2009, Bret is charged with keeping all Microsoft data secure from the 21st century’s ever- growing cyber-threats, while ensuring compliance with evolving regulations. With the global team of information security professionals that he leads, he successfully developed and implemented the company’s robust corporate incidence response strategy, as well as sophisticated companywide defenses that combine threat monitoring, vulnerability analysis and control tools. In addition to his responsibilities as CISO, Bret serves as Chairman of Microsoft’s Information Risk Management Council, convening teams from across the company that focus on data protection. He frequently takes his expertise directly to enterprise customers as the host of Microsoft’s Security Council, a forum that drives product direction and operational best practices.

At Microsoft since 1990, Bret was integrally involved in developing the company’s U.S. Emergency Response Plan, its Worldwide Security Mobilization effort and the Trustworthy Computing Task Force. Before assuming his current role, he served as Microsoft’s Chief Technology Officer for its Identity and Security Division, during which time he spearheaded the creation of the Microsoft Security Risk Assessment (MSRA) methodology, a highly successful standardized framework used to evaluate security issues and provide critical guidance to consumers. Bret received the 2015 Technology Executive Network Award as Information Security Executive of the Year, Commercial Sector. He also received the Architectural Engineer Achievement Award presented by Bill Gates, for his pioneering work in Internet Security. Strongly committed to talent and leadership development, Bret was named Executive Sponsor for over 1,000 senior leaders in the Sales & Services and Operations areas.

Bret serves as an outside cyber-risk advisor to executives and boards at numerous Fortune 100 companies, and has served on the Advisory Boards of several enterprises, including eBay,, Saints Ventures, and @stake and numerous government agencies. He is a founding member of Security 50 and the Executive Security Action Forum (ESAF), an association of senior information security and risk executives from governments and Global 1000 companies. He also serves on the board of xDTM, a nonprofit dedicated to protecting and empowering online consumer business. Bret is frequently asked to speak on cyber security strategy, at events that include HP Discover, Security50, the Pacific Enterprise Risk Forum and Gartner’s Security and Risk Management Summit.

A graduate of the College of Idaho, he lives in Washington with his wife Peg and daughter Sydney.