Veteran legal leader to advance industry leadership at the intersection of law and cybersecurity, enabling business growth and stronger outcomes for customers worldwide.

OXFORD, U.K. — October 7, 2025 —

Sophos, a global leader of innovative security solutions for defeating cyberattacks, today announced that Aparna Williams has joined the company as Chief Legal Officer (CLO). Williams oversees all aspects of Sophos’ global legal, compliance, and regulatory operations, reporting directly to Joe Levy, Sophos’ CEO.

With more than 25 years of legal leadership across high-growth, global technology companies, including roles at Coalfire Systems, Shippo, Imperva, and Symantec, Williams has built and scaled legal functions that enable growth, strengthen governance, and support global expansion. Her expertise spans corporate governance, complex transactions and M&A, regulatory strategy and privacy, legal operations, and enterprise risk. Throughout her career, she has been recognized for her ability to transform legal operations into a strategic function—balancing compliance and risk management with innovation and commercial opportunity.

“Cybersecurity is a business built on trust, and Aparna’s appointment reinforces Sophos’ commitment to protecting that trust,” said Joe Levy, CEO, Sophos. “Her deep expertise in corporate governance, compliance, and transactions will help keep Sophos safe and secure while enabling our continued growth. Aparna also brings a commercial and customer-centric perspective that will benefit our partners and customers worldwide as they navigate evolving cybersecurity regulations and supply chain risks."

Strategic focus areas for Sophos Legal under Williams’ leadership

  • Governance & Ethics: Reinforcing board-level governance and enterprise risk management with cross-functional controls that support resilient growth.
  • Privacy, Data & AI: Ensuring privacy, data protection, and responsible AI practices are embedded into products and operations to meet global requirements and uphold Sophos’ ethics and compliance standards.
  • Regulation & Policy Leadership: Engaging proactively with regulators and contributing to the development of global cybersecurity and data protection policies, while helping customers and enterprise leaders navigate complex compliance and supply-chain requirements.
  • Customer & Commercial Enablement: Streamlining contracts, safeguarding IP, and working directly with customers and partners to reduce friction, build trust, and improve time-to-value while maintaining robust protections.

“There is deep purpose in cybersecurity—defending people and helping them when it matters most has been the mission throughout my career,” said Aparna Williams, Chief Legal Officer, Sophos. “Sophos is at a pivotal moment, scaling to protect organizations of every size with the right mix of AI, platform innovation, services, and partner reach. As AI accelerates, bringing both transformative opportunity and new risks, my role is to ensure we scale with confidence, strengthening governance and trust to ensure innovation fuels growth and resilience for our customers.”

A frequent speaker and mentor, Williams is a thought leader on the intersection of law and cybersecurity, including regulatory readiness, supply chain risk, and the role of legal operations in managing cyber risk. She is also an active advocate for advancing women in law through organizations such as Association of Corporate Counsel (ACC), the ACC NCR Leadership Academy, and Ms. JD.

About Sophos

Sophos is a cybersecurity leader defending 600,000 organizations globally with an AI-driven platform and expert-led services. Sophos meets organizations wherever they are in their security maturity and grows with them to defeat cyberattacks. Its solutions combine machine learning, automation, and real-time threat intelligence with frontline human expertise from Sophos X-Ops to deliver advanced, 24/7 threat monitoring, detection, and response.

Sophos offers industry-leading managed detection and response (MDR) alongside a comprehensive portfolio of cybersecurity technologies — including endpoint, network, email, and cloud security, extended detection and response (XDR), identity threat detection and response (ITDR), and next-gen SIEM. Together with expert advisory services, these capabilities help organizations proactively reduce risk and respond faster, with the visibility and scalability needed to stay ahead of evolving threats.

Sophos goes to market with a global partner ecosystem, including Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), resellers and distributors, marketplace integrations, and cyber risk partners, giving organizations the flexibility to choose trusted relationships when securing their business.  Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com.