What happened
SolarWinds appointed Justin Henkel as its Chief Information Security Officer.
Henkel joins SolarWinds with more than two decades of experience across military service and the private sector. He most recently spent nearly five years at OneTrust, where he began as Head of the CISO Center of Excellence and later became Deputy CISO.
At OneTrust, Henkel built a portfolio focused on enterprise risk, resilience, and security operations. He also served as an intelligence officer in the United States Air Force from 2001 to 2025.
Henkel has held cybersecurity leadership roles at CME Group and iSIGHT Partners, with work focused on threat intelligence. His experience spans the intelligence community, financial services, cyber threat intelligence, vulnerability management, third-party risk, and enterprise risk.
He holds a Master’s in Intelligence Studies with a focus on political and military intelligence from the American Public University System and an Executive Certificate in Technology and Operations from MIT Sloan School of Management.
SolarWinds President and CEO Sudhakar Ramakrishna said Henkel’s experience across government and industry positions him to strengthen the company’s resilience posture as SolarWinds continues work around AI-driven IT.
Henkel said he sees SolarWinds at a pivotal moment and described the company as one focused on resilience and innovation.
Who is affected
SolarWinds customers, partners, employees, and security stakeholders are affected by the appointment.
The company provides observability and IT management software used by organizations operating hybrid IT environments. Henkel’s role will center on SolarWinds’ security leadership, resilience posture, and continued work around enterprise risk and security operations.
The appointment is also relevant to organizations that rely on SolarWinds products for monitoring, observability, IT service management, application performance, and database management.
Why CISOs should care
This appointment is notable because SolarWinds operates in areas that are closely tied to enterprise visibility, IT operations, observability, and hybrid infrastructure management. Security leadership at vendors in this category matters because their products often sit close to critical systems, infrastructure data, and operational workflows.
Henkel’s background in threat intelligence, vulnerability management, third-party risk, and enterprise risk aligns with several areas that CISOs prioritize when evaluating technology providers. For customers, vendor resilience and secure product operations are part of broader supply chain risk management.
The appointment also reflects the growing overlap between operational resilience, AI-driven IT, and cybersecurity. As IT management platforms add more automation and AI capabilities, CISOs will increasingly scrutinize how vendors secure those systems and manage risk across product, customer, and operational environments.
3 practical actions
- Review SolarWinds’ security and trust materials during vendor assessments: Organizations that use SolarWinds products should keep vendor risk reviews current and assess how the company communicates security posture, resilience, and product security practices.
- Align vendor oversight with operational importance: SolarWinds products may support observability, IT management, service management, and hybrid infrastructure operations. CISOs should classify these tools based on their role in operational visibility and incident response.
- Reassess third-party risk expectations for AI-driven IT vendors: SolarWinds framed the appointment in the context of resilience and AI-driven IT. Security teams should ensure vendor assessments address AI governance, access control, data handling, secure development, and incident response readiness.
John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.