In honor of Cybersecurity Awareness Month, we’re spotlighting the 71 forward-thinking CISOs and CSOs who have taken on new positions this past year!
From strengthening enterprise defenses and advancing AI-driven threat detection to building a culture of digital resilience, these leaders are redefining what it means to protect and empower modern organizations. Join us in celebrating their achievements as they guide their teams through an era of evolving cyber risk and innovation.
Michael Hanley – Chief Information Security Officer at General Motors
General Motors has appointed Michael Hanley as its new Chief Information Security Officer. Hanley, who officially joined GM in December 2024, brings a wealth of experience from prominent roles in the cybersecurity and technology sectors. Most recently, he served as Chief Technology Officer at GitHub, where he previously held the role of Chief Security Officer and Senior Vice President of Engineering. Over his 20-year career, Hanley has held leadership positions at companies including Duo Security and Cisco. His extensive experience in engineering and security, combined with his deep personal connection to GM, positions him well to oversee the company’s cybersecurity efforts during a period of rapid advancement.
Bruce Jenkins – Chief Information Security Officer at Black Duck Software
Black Duck Software has promoted Bruce Jenkins to Chief Information Security Officer. A 28-year U.S. Air Force veteran with nearly 25 years of cybersecurity expertise, Jenkins will lead the company’s security program across on-premises products, cloud solutions, IT infrastructure, and supply chains. With a career spanning roles at Synopsys Software Integrity Group and Micro Focus, Jenkins is focused on delivering secure-by-design solutions that enhance trust and reliability. He emphasized that trust is at the core of Black Duck’s mission and his efforts to safeguard its operations and customer commitments.
Amanda Day – Deputy Chief Information Security Officer at The Department of Homeland Security
The Department of Homeland Security (DHS) has appointed Amanda Day as Deputy Chief Information Security Officer and Deputy Executive Director. With over 16 years of IT and information security experience across DHS, Day will lead critical cybersecurity programs, manage risk, and ensure compliance with federal regulations to protect national security systems. Previously, she served as Branch Manager of the DHS Cyber Security Operations Center and as CISO for the Science & Technology Directorate, where she oversaw complex cybersecurity initiatives. Day’s career also includes leadership roles at U.S. Customs and Border Protection, focusing on governance, policy, and IT security risk.
Gerald Beuchelt – Chief Information Security Officer at Acronis
Acronis, a global leader in cybersecurity and data protection, has appointed Gerald Beuchelt as its new Chief Information Security Officer. In his role, Beuchelt will oversee the company’s global security strategy, corporate IT infrastructure, and cyber protection efforts while leading the Acronis Threat Research Unit (TRU). With over a decade of cybersecurity leadership, including roles at Sprinklr, LogMeIn, and MITRE, Beuchelt brings extensive expertise to advance Acronis’ mission.
Jim Kastle – Chief Information Security Officer at 7-Eleven
7-Eleven has named Jim Kastle as its new Chief Information Security Officer, bringing over 20 years of IT and risk management expertise to the role. Kastle has previously served as CISO for leading companies such as Delphi, Conagra Brands, and Kimberly-Clark, where he developed and implemented programs to mitigate emerging cyber risks. Kastle’s career also includes leadership roles at JPMorgan Chase, Cardinal Health, VWR International, and Diebold Nixdorf. At Conagra, he spearheaded information security and risk management efforts for one of the largest branded food product providers in the U.S. convenience store industry.
Amy Bogac – Chief Information Security Officer at Baker Tilly
Baker Tilly, a leading advisory, tax, and assurance firm, has announced the appointment of Amy Bogac as Chief Information Security Officer. Bogac brings over 20 years of global information security experience, having led security strategies and risk management for multinational organizations. Most recently, she served as CISO for Elevate Textiles, overseeing security for 86 companies across 106 sites with 15,000 employees. In her new role, Bogac will oversee Baker Tilly’s information security strategy and operations, leading governance, risk, and compliance initiatives to strengthen the firm’s security posture and ensure resilience against evolving threats.
Sunil Seshadri – Chief Security Officer at HealthEquity
HealthEquity, a leading provider of health savings accounts and consumer-directed benefits, has announced the appointment of Sunil Seshadri as its new Executive Vice President and Chief Security Officer. Seshadri brings over two decades of cybersecurity and information security expertise, having held key leadership roles at major financial and technology organizations. Prior to joining HealthEquity, he served as CISO at Wells Fargo Bank and Visa Inc., where he led comprehensive security strategies to protect critical assets and ensure operational resilience. In his new role, Seshadri emphasized his commitment to strengthening HealthEquity’s cybersecurity infrastructure and enhancing fraud prevention capabilities.
Kevin Green – Chief Information Security Officer at Terracon
Terracon has announced the appointment of Kevin Green as its new Chief Information Security Officer. Green brings over 25 years of experience in providing information technology solutions to the architecture, engineering, and consulting industries. Before this role, he served as Manager of Information Security at Terracon and has held positions in infrastructure architecture, network, and systems administration. In his new role, Green will lead the company’s cybersecurity efforts, focusing on threat defense, compliance, risk management, and internal security awareness.
Justin Bingham – Chief Information Security Officer at Park Place Technologies
Park Place Technologies, the leading global data center and networking optimization firm, has announced the appointment of Justin Bingham as its new Chief Information Security Officer. Bingham brings over 15 years of cybersecurity expertise, with a background spanning threat intelligence and security operations in both military and corporate environments. Prior to joining Park Place, he held leadership roles at General Electric, General Motors, and KLA, where he developed strategic cybersecurity programs and advanced AI-driven security initiatives. In his new role, Bingham emphasized his commitment to strengthening Park Place’s security framework, managing risk, and creating a strong culture of cybersecurity across its global operations.
Devon Bryan – Global Chief Security Officer at Booking Holdings
Booking Holdings has appointed Devon Bryan as its new Global Chief Security Officer, where he now oversees enterprise-wide security strategy across the company’s portfolio of global travel brands, including Booking.com, Priceline, KAYAK, and OpenTable. A seasoned cybersecurity executive and U.S. Air Force veteran, Bryan brings over two decades of experience leading security programs at Carnival Corporation, MUFG, KPMG, the Federal Reserve System, and ADP. Known for his DEI advocacy and public-sector leadership, he co-founded Cyversity and actively contributes to national cybersecurity initiatives. Bryan joined Booking Holdings in January 2025.
Hemant Chaskar – Chief Information Security Officer at Nile
Nile, the pioneer of a new breed of enterprise network solutions aimed at securing organizations from cyberattacks and automating daily operations, has announced the appointment of Hemant Chaskar as its new Chief Information Security Officer. Chaskar brings over 25 years of experience in information security, cloud, and wireless networking. Before joining Nile, he held key roles such as CISO at Mojo Networks, Principal Security Architect at Arista Networks, and Head of Cloud Security at Aruba Networks. In his new role, Chaskar will oversee Nile’s organizational security roadmap, cloud infrastructure security, governance, compliance, and risk management, while also collaborating with customers to develop advanced network security features.
Matt Kimpel – Chief Information Security Officer at Magna5
Magna5 has promoted Matt Kimpel to Chief Information Security Officer, where he will lead the company’s cybersecurity initiatives, ensuring protection against emerging threats and facilitating regulatory compliance for clients. Kimpel has played a key role in strengthening the company’s security posture. With expertise in network security and cyber forensics, he will focus on advancing Magna5’s security capabilities and supporting clients’ evolving compliance needs.
Mitch Kohlbecker – Chief Information Security Officer at the City of Phoenix
The City of Phoenix has named Mitch Kohlbecker as Chief Information Security Officer, where he will lead cybersecurity strategy, risk management, and data protection efforts for the city. Kohlbecker has spent nearly five years as Deputy CISO, driving advancements in architecture, engineering, compliance, and risk management. He brings over two decades of leadership experience as a CISO and Senior Director across education, government, non-profits, and Fortune-listed companies. In his new role, he aims to balance security with business innovation to enhance city operations.
Darren Claphan – Chief Security Officer at Arrow Security
Arrow Security has elevated Darren Claphan to Chief Security Officer, overseeing security operations, risk management, and compliance across its national footprint. Claphan joined Arrow in 2024 as Chief Strategy Officer, bringing over 25 years of experience in public and private sector security leadership, including roles at Madison Square Garden Entertainment and US Security Associates. A U.S. Marine Corps veteran and former advisory board member at Xtract One Technologies, he now leads Arrow’s security strategy, emergency preparedness, and client protection initiatives.
Ilija Vadjon – Chief Information Security Officer at The Wendy’s Company
Ilija Vadjon has been named Chief Information Security Officer at The Wendy’s Company. A veteran of the company since 2012, Vadjon has held key leadership roles in information security, most recently serving as Senior Director & Deputy CISO. In his new role, he leads Wendy’s global cybersecurity strategy, overseeing information risk, compliance, security operations, and identity management. Vadjon is a certified CISSP, CISA, and PCI ISA, and remains active in mentoring cybersecurity professionals in the Columbus, OH community.
Brian Contos – Field Chief Information Security Officer at Mitiga
Mitiga has appointed Brian Contos as Field Chief Information Security Officer, where he will support global go-to-market efforts and strengthen engagement with the cloud security community. Contos brings over 30 years of cybersecurity leadership, having held executive roles at ArcSight, Imperva, McAfee, and Verodin, driving multiple IPOs and high-profile acquisitions. Most recently, he served as Chief Strategy Officer and Board Member at Sevco Security. A recognized industry thought leader, author, and speaker, Contos will play a key role in advancing Mitiga’s Cloud Detection and Response platform.
Steven Hernandez – Deputy Chief Information Security Officer at Caterpillar Inc.
Caterpillar Inc. has appointed Steven Hernandez as Deputy Chief Information Security Officer. A veteran cybersecurity executive with over 25 years of experience, Hernandez will support global risk strategy, governance, and security transformation across the enterprise. He joins Caterpillar from USAID, where he served as DCIO, CISO, and CPO, following senior federal CISO roles at the U.S. Department of Education and HHS. At Caterpillar, he will help drive secure digital innovation, aligning cyber risk management with enterprise objectives.
Deepali Bhoite – Chief Information Security Officer at Quickbase
Quickbase, an AI-powered work management platform, has announced the appointment of Deepali Bhoite as Chief Information Security Officer. Bhoite brings over 20 years of experience in enterprise software and cybersecurity and has played a key role in advancing security strategies and risk management. Before joining Quickbase, she led large-scale security programs at Anaplan and held leadership roles at ServiceNow, IBM, and USG. In her new role, she will drive proactive cybersecurity initiatives and enterprise security programs.
John Carse – Field Chief Information Security Officer at SquareX
SquareX, a leading browser security company, has announced the appointment of John Carse as Field Chief Information Security Officer. Carse brings over 20 years of cybersecurity experience and will serve as a strategic security advisor, helping enterprise customers strengthen their browser security posture and translate technical risks into business value. Carse has held global security leadership roles across industries, including finance, technology, and the U.S. military. Most recently, he served as CISO at Dyson, where he was recognized as the Cybersecurity Defender of 2023. In his new role, Carse will provide security guidance, conduct assessments, and help clients develop browser security strategies.
Jim Higgins – Chief Information Security Officer at CoreWeave
CoreWeave has appointed Jim Higgins as Chief Information Security Officer, where he will oversee security strategy, governance, and infrastructure protection across the CoreWeave Cloud Platform. A seasoned cybersecurity leader, Higgins brings extensive experience in regulatory compliance and enterprise risk management, having previously served as CISO at Snap Inc. and Block, Inc. He also held senior security leadership roles at Google and advises U.S. government agencies on cybersecurity matters. In his new role, Higgins will ensure CoreWeave meets the highest security and compliance standards as enterprises and AI labs scale their AI operations.
Mike Rosen – Chief Information Security Officer at iVerify
iVerify has named Mike Rosen as its new Chief Information Security Officer as the company expands its enterprise security solutions. Rosen brings extensive cybersecurity expertise, having led Apple’s Security Incident Response Team and held key roles at Verizon and PwC. At Apple, he safeguarded corporate infrastructure and intellectual property from nation-state threats, while at Verizon, he co-authored the Data Breach Investigations Report. Most recently, he served as CISO at ZwillGen. In his new role, Rosen will oversee security strategy, compliance, and risk management to strengthen iVerify’s mobile security offerings.
Harold Rivas – Chief Information Security Officer at Absolute Security
Absolute Security has appointed Harold Rivas as Chief Information Security Officer. Rivas brings over 20 years of cybersecurity leadership experience, having previously served as CISO at Trellix, loanDepot, Santander Consumer USA, and Mr. Cooper. Throughout his career, he has led security strategy, compliance, and risk management initiatives across highly regulated industries. In his new role, Rivas will oversee global cybersecurity and IT operations, including threat management, product security, and enterprise resilience.
Zeb Qadri – Chief Information Security Officer at Quorum Software
Quorum Software has appointed Zeb Qadri as Vice President, IT Corporate Security and Chief Information Security Officer. In this global role, Qadri will lead enterprise security strategy, governance, and risk, ensuring secure digital transformation across the organization. He brings over two decades of cybersecurity leadership, including CISO roles at Sitecore and senior IT positions at Federated Co-operatives and Sharjah Islamic Bank. Qadri is known for advancing Zero Trust architecture, global compliance frameworks, and post-acquisition security integrations.
Julie Tsai – Chief Information Security Officer In-Residence at Ballistic Ventures
Ballistic Ventures has named Julie Tsai as its newest CISO-in-Residence, adding a veteran cybersecurity leader to its deep bench of industry experts. With over 20 years of experience leading security programs at companies including Roblox, Box, and Walmart, Tsai brings a rare combination of technical depth and strategic vision. At Ballistic, she will advise portfolio companies on security architecture, product development, and go-to-market alignment. A recognized thought leader in DevSecOps and inclusive security cultures, Tsai will play a key role in helping founders build secure, scalable solutions for today’s evolving threat landscape.
Aaron Call – Chief Information Security Officer at the Metropolitan Airports Commission
The Metropolitan Airports Commission has named Aaron Call as its new Chief Information Security Officer, where he will oversee cybersecurity operations, data privacy, and regulatory compliance across Minneapolis-St. Paul International Airport and six general aviation airports in the Twin Cities. Call brings over 17 years of experience managing secure IT environments in both public and private sectors. Prior to joining MAC, Call served as Deputy CISO at Old Republic Title and Chief Infrastructure and Security Officer at WPS.
Brad Doctor – Chief Information Security Officer at First Advantage
First Advantage has appointed Brad Doctor as Chief Information Security Officer. Doctor brings extensive experience in information security, innovation, and business strategy, with more than 20 issued patents to his name. He previously held leadership roles at VMware and Lumen Technologies, where he was instrumental in shaping security strategies and launching Lumen’s MSSP business. In his new role, Doctor will lead First Advantage’s information security initiatives, leveraging his deep expertise to drive innovation and protect enterprise resilience.
Mike Hughes – Chief Information Security Officer at Nordstrom
Nordstrom has appointed Mike Hughes as Chief Information Security Officer, where he will lead the company’s global information security strategy. In this role, Hughes will oversee cybersecurity operations, risk management, and data protection initiatives to safeguard the integrity of Nordstrom’s systems and customer information. Hughes brings extensive leadership experience in cybersecurity, with a proven track record of securing enterprise environments and aligning security programs with business goals.
Phillip Miller – Chief Information Security Officer at H&R Block
H&R Block has appointed Phillip Miller as Vice President and Chief Information Security Officer. In this role, Miller will lead the company’s information security strategy, focusing on safeguarding client data and ensuring compliance across legal, privacy, and regulatory frameworks. Miller brings over 15 years of executive experience in cybersecurity, with a background spanning retail, manufacturing, and technology sectors. His prior leadership roles include CISO positions at NetApp and Brooks Brothers, as well as Principal Security Advisor at Amazon Web Services, where he supported cloud security for clients in financial services and healthcare.
Troy Rydman – Chief Information Security Officer at Packsize
Packsize has appointed Troy Rydman as Chief Information Security Officer. Rydman brings nearly 20 years of experience in cybersecurity, IT, and risk management, most recently serving as Senior Practice Manager at Amazon Web Services. He has also held executive roles at Silicon Valley Bank and Fast, leading global cybersecurity initiatives and technology modernization. At Packsize, Rydman will oversee IT and security strategy, focusing on strengthening digital infrastructure, enhancing data protection, and supporting the company’s global expansion.
Monte Ratzlaff – Chief Information Security Officer at the University of California System
The University of California System has appointed Monte Ratzlaff as Chief Information Security Officer. Ratzlaff brings over 20 years of experience in cybersecurity and has been a central figure in UC’s digital risk efforts since 2010. He previously served as interim CISO during 2021–2022 and again in 2023, and launched the UC Cyber-risk Coordination Center (now UC Digital Risk and Security) in 2015. Under his leadership, the UC system has advanced its cyber governance, threat intelligence sharing, and community collaboration. In his new role, Ratzlaff will lead systemwide digital risk governance.
Todd Spight – Chief Information Security Officer at HDI Global USA
HDI Global Insurance Company (HGIC) has appointed Todd Spight as Chief Information Security Officer. With over two decades of experience leading cybersecurity strategies across insurance, government, education, and manufacturing sectors, Spight will oversee HGIC’s information security programs, focusing on data protection, compliance, and risk management. He joins from prior executive roles supporting global expansion initiatives across the EU and Asia-Pacific.
Michael Adams – Chief Information Security Officer at DocuSign
DocuSign has appointed Michael Adams as Group Vice President and Chief Information Security Officer, where he will lead global security initiatives across data protection, compliance, and risk management. Adams brings nearly 30 years of experience in cybersecurity and national security, with previous leadership roles at Zoom, Palantir, and the U.S. Department of Defense. Most recently, he served as CISO at Zoom, overseeing the company’s product and corporate security programs during a period of rapid global expansion.
Sean Malone – Chief Information Security Officer at BeyondTrust
BeyondTrust has appointed Sean Malone as Chief Information Security Officer, where he will lead the company’s global security strategy, including threat management, cyber risk, product security, and compliance. Malone brings over 15 years of cybersecurity leadership spanning offensive security, cyber resilience, and executive risk governance. Most recently, he served as CISO at Demandbase, following senior roles at Amazon Prime Video, VisibleRisk, and BitSight.
James Saunders – Chief Information Security Officer at the Maryland Technology Department
Maryland Technology Department has appointed James Saunders as Chief Information Security Officer, where he will lead efforts to secure the statewide IT infrastructure and data while advancing cybersecurity workforce development. Saunders brings extensive federal experience, having served as Deputy CIO and former CISO at the U.S. Office of Personnel Management, and held leadership roles at the Small Business Administration. He also held cybersecurity roles at USAID, Raytheon, and T. Rowe Price.
Brian Gardner – Chief Information Security Officer at the City of Austin
Brian Gardner has been named the City of Austin’s new Chief Information Security Officer. His appointment comes just three months after he was named Deputy Chief Information Officer in February, marking a swift promotion within the city’s technology leadership. Gardner brings extensive public sector IT experience to the position, having previously served as Chief Information Officer and Chief Technology Officer for the City of Dallas. In his new role, Gardner is expected to lead the city’s cybersecurity strategy, with responsibilities spanning risk management, policy development, threat mitigation, and interdepartmental coordination. He will also oversee initiatives aimed at enhancing the city’s cyber resilience and ensuring compliance with state and federal security standards.
Max Shier – Chief Information Security Officer at Amentum
Amentum has appointed Max Shier as Vice President and Chief Information Security Officer. A cybersecurity veteran with nearly 30 years of experience, Shier previously served as CISO at Optiv and held senior cyber roles at Lockheed Martin and Boeing. A retired U.S. Air Force officer, he also held leadership positions at the Defense Security Service. Shier brings deep expertise in digital transformation and cybersecurity program development to Amentum’s government contracting operations.
Vitaly Gudanets – Chief Information Security Officer at Anthropic
Anthropic has named Vitaly Gudanets as its new Chief Information Security Officer, following his nearly four-year tenure as CISO at Netflix. A seasoned cybersecurity executive, Gudanets also spent over a decade at Google, where he served as Vice President of Security Engineering, and was a member of AWS’s Global CISO Advisory Council. At Anthropic, he will lead efforts to strengthen security, protect research, and support safe AI development.
Keven Sticher – Chief Information Security Officer at Collective Health
Collective Health has named Keven Sticher as Chief Information Security Officer and Vice President of Engineering, strengthening its leadership in cybersecurity and infrastructure. Sticher brings over 20 years of experience in cloud security, risk management, and compliance, with prior roles including VP of Product and Cloud Security at Dun & Bradstreet and CISO at Nomi Health. At Collective Health, he will oversee security, infrastructure, and IT, ensuring continued protection of sensitive healthcare data.
Shane Barney – Chief Information Security Officer at Keeper Security
Keeper Security has named Shane Barney as its new Chief Information Security Officer. Barney joins the cybersecurity firm after a distinguished 20-year tenure at U.S. Citizenship and Immigration Services (USCIS), where he most recently served over six years as CISO. His federal career also included nearly a decade as deputy CISO and leadership of USCIS’s Cyber Intelligence Branch. At Keeper Security, Barney brings deep expertise in government cybersecurity and threat intelligence, enhancing the company’s capabilities in secure password management and zero-trust architecture.
Trusted insights for technology leaders
Our readers are CIOs, CTOs, and senior IT executives who rely on The National CIO Review for smart, curated takes on the trends shaping the enterprise, from GenAI to cybersecurity and beyond.
Subscribe to our 4x a week newsletter to keep up with the insights that matter.
Danielle Gerko – Chief Information Security Officer at Concurrent Technologies Corp.
Concurrent Technologies Corp. has appointed Danielle Gerko as Chief Information Security Officer, elevating her from her prior role as cybersecurity operations manager. Gerko brings extensive industry experience, including her time as CISO at NPC and CIO at Pennsylvania Highlands Community College. A Certified Information Systems Security Professional, she also recently earned the CMMC Assessor and Lead CCA designations. Under her leadership, CTC achieved CMMC Level 2 certification, reinforcing its cybersecurity posture.
Russ Ayres – Chief Information Security Officer at Principal Financial Group
Principal Financial Group has appointed Russ Ayres as its new Vice President and Chief Information Security Officer, positioning the executive to lead the company’s global information security strategy and safeguard both company and customer data assets. Ayres joins Principal following a distinguished tenure at Equifax, where he served as Deputy Chief Information Security Officer and Global Head of Cyber. In these roles, he led critical functions including insider threat management, cyber intelligence, threat and vulnerability management, and fraud monitoring. He also previously served as Senior Vice President of Global Security Architectural Engineering and interim Chief Security Officer at Equifax.
Elyse Gunn – Chief Information Security Officer at Nasuni
Nasuni has announced Elyse Gunn as Chief Information Security Officer to lead its global security and compliance function. Gunn brings deep expertise in security and compliance leadership for SaaS businesses, with a track record of building security-by-design cultures and implementing AI governance frameworks. She most recently served as Director of Security, Governance, Risk & Compliance at Pax8 and Quickbase, where she led product security initiatives and successfully drove multiple certifications. At Nasuni, she will oversee information security operations, product security, AI governance, and regulatory alignment.
Rinki Sethi – Chief Security Officer at Upwind Security
Upwind Security has appointed Rinki Sethi as Chief Security Officer to lead its global information security and technology functions. Sethi brings over 20 years of cybersecurity experience, with executive roles at companies including Twitter, Rubrik, Palo Alto Networks, and IBM. She also serves on the boards of Vaultree and ForgeRock and is a founding partner at Lockstep Ventures. Prior to joining Upwind, Sethi was one of its early customers, giving her direct insight into the platform.
Dale Hoak – Chief Information Security Officer at RegScale
RegScale has promoted Dale Hoak to Chief Information Security Officer to lead the company’s cybersecurity strategy, risk management, and compliance efforts. A U.S. Navy veteran and RegScale’s first security hire, Hoak has played a key role in the company’s growth, guiding it to achieve FedRAMP High, SOC 2 Type 2, and CSA STAR certifications. He also built RegScale’s 24/7 Security Operations Center and developed its end-to-end security framework. With a background spanning the Department of Defense and the private sector, Hoak brings deep expertise in security operations, cloud technologies, and DevSecOps.
Jeff Conklin – Chief Security Officer at The Cybersecurity and Infrastructure Security Agency
The Cybersecurity and Infrastructure Security Agency (CISA) has appointed Jeff Conklin as Chief Security Officer, bringing extensive federal IT and cybersecurity leadership experience to the role. Conklin previously served as CSO and CIO at U.S. Citizenship and Immigration Services, overseeing agency-wide IT and cybersecurity operations. His career includes senior positions at the U.S. Coast Guard, Department of Education, and Defense Information Systems Agency, where he led enterprise IT initiatives supporting national security and defense networks. At CISA, Conklin will lead security strategy and operations.
Chris Gergen – Chief Information Security Officer at North Dakota Information Technology
North Dakota Information Technology has appointed Chris Gergen as Chief Information Security Officer, following his tenure as Interim CISO. Gergen brings nearly 20 years of experience in cybersecurity, risk management, and IT, and has held key leadership roles within NDIT since joining in 2019. He previously served as Director of Cyber Operations and played a central role in establishing the state’s Cyber Operations Center. As CISO, Gergen will lead North Dakota’s cybersecurity strategy with a focus on resilience, collaboration, and safeguarding digital services for citizens and government partners.
Sundararajan ‘Srini’ Srinivasan – Chief Information Security Officer at Root Inc.
Root Inc. has appointed Sundararajan “Srini” Srinivasan as Chief Information Security Officer and Head of IT. Srini brings extensive experience leading cybersecurity, IT, and data strategy across major organizations. He previously served as CISO at Chewy, and held senior technology leadership roles at Citizens Bank and Staples, where he led enterprise data platforms, corporate systems, and security initiatives. At Root, he will drive enterprise-wide security and IT strategy, focusing on operational resilience, regulatory compliance, and enabling innovation through a strong security-first culture.
Joe Lewis – Chief Information Security Officer at the Georgia Institute of Technology
The Georgia Institute of Technology has named Joe Lewis as Associate Vice President of Information Technology and Chief Information Security Officer. Lewis brings over two decades of cybersecurity leadership, with experience across federal agencies, defense, and the private sector. He most recently served as VP of Cybersecurity Solutions at Leidos and interim CISO for its subsidiary, QTC Health Services. He previously held senior security roles at the CDC, Department of Energy, and Department of the Army. At Georgia Tech, Lewis will oversee information security and risk management strategy, leading efforts to protect institutional data and ensure compliance.
Radhika Bajpai – Chief Information Security Officer at Russell Investments
Radhika Bajpai has been appointed Chief Information Security Officer at Russell Investments. She brings more than two decades of cybersecurity and risk leadership across global financial services and technology organizations. Most recently, she led technology and information security governance at The College Board, and previously held senior roles at PayPal, Google Cloud, BNY Mellon, and Goldman Sachs. Bajpai also founded Global Security Insights, a think tank focused on GRC, AI governance, and cybersecurity innovation.
Daniel Langley – Chief Information Security Officer for the State of Oklahoma
The State of Oklahoma has appointed Daniel Langley as its new Chief Information Security Officer. Langley brings over 15 years of cybersecurity and public-sector IT leadership experience, most recently serving as Network Security Architect and Interim Deputy CISO at Washington Technology Solutions (WaTech). He previously held roles as CISO for Washington’s Lottery and in cybersecurity at CoinFlip. At Oklahoma’s Office of Management and Enterprise Services, Langley will lead statewide cybersecurity strategy, oversee the Oklahoma Cyber Command and Security Operations Center, and drive risk and infrastructure policy for over 180 state entities.
Rob Gregory – Chief Information Security Officer at Optiv
Optiv has appointed Rob Gregory as Vice President and Chief Information Security Officer. Bringing more than 16 years of cybersecurity leadership across financial services and government sectors, Gregory will lead Optiv’s security strategy with a focus on reducing cyber risk and enhancing operational resilience. He joins Optiv from Security Benefit, where he served as AVP and CISO. Gregory previously held security leadership roles at the Federal Home Loan Bank of Topeka and spent more than eight years in the U.S. Army, where he served as an Information Assurance Manager.
Robert Nettles – Chief Information Security Officer at Centre Technologies
Centre Technologies has named Robert Nettles as its new Chief Information Security Officer. Nettles brings over two decades of cybersecurity and IT leadership experience, with deep expertise in privacy, risk management, and secure-by-design frameworks. Prior, Nettles served as Information Security and Privacy Officer at Pon, where he helped build and lead IT security programs across the Americas. He previously spent nearly 21 years at PwC, rising to Senior Manager and specializing in industrial control systems and cybersecurity initiatives. At Centre, Nettles will embed security throughout its service delivery, strengthen incident response procedures, and develop consistent security playbooks to ensure scalable, proactive protection for customers.
Jason Barnett – Chief Information Security Officer at Oracle Health and Global Industries
Oracle has appointed Jason Barnett as Vice President and Chief Information Security Officer for Oracle Health and Global Industries. Barnett brings more than 25 years of experience in enterprise risk management, compliance, and security operations, with a strong record in healthcare and critical infrastructure sectors. He joins Oracle from HCA Healthcare, where he spent over a decade in leadership roles, most recently serving as Chief Security Officer. He previously held positions as CISO and AVP of Information Protection & Assurance, building resilient cybersecurity capabilities, managing enterprise risk, and driving innovation in healthcare data protection. In his new role, Barnett will lead Oracle’s security strategy across its healthcare and global industry verticals.
Aanchal Gupta – Chief Security Officer at Adobe
Adobe has appointed Aanchal Gupta as Chief Security Officer, where she will lead the company’s global cybersecurity strategy and support its expanding AI governance efforts. Gupta joins Adobe after more than five years at Microsoft, where she held several senior security roles, including CVP and Deputy CISO, and most recently CVP for the Office Product Group. Her earlier experience includes time as CISO at Meta and Skype, and as Director of Engineering at Yahoo.
Brock Kahanyshyn – Chief Information Security Officer at Consero Global
Consero Global has appointed Brock Kahanyshyn as Chief Information Security Officer and EVP of Information Technology, reporting to newly promoted Chief Corporate Development & Information Systems Officer Tyler Nelson. Kahanyshyn brings 25 years of experience leading cybersecurity, AI infrastructure, and digital modernization across sectors including public safety, higher education, and national research. He previously served as CIO at the University of Calgary and Edmonton Police Service and led Canada’s national DRI cybersecurity strategy. At Consero, he will oversee security and IT operations to support innovation, scale, and client value.
Christopher DeBrunner – Chief Information Security Officer at CBTS
CBTS has appointed Christopher DeBrunner as its new Chief Information Security Officer, bringing over 20 years of IT and cybersecurity leadership to the role. DeBrunner has held several key positions at CBTS over the past 14 years, most recently serving as VP of Security Operations & Compliance, where he built a comprehensive cyber and compliance team. As CISO, he will lead CBTS’s security strategy, focusing on threat detection, zero trust architecture, and AI-driven protection for enterprise clients.
Rajesh David – Chief Information Security Officer at Amrize
Rajesh David has been named Chief Information Security Officer at Amrize, bringing over two decades of cybersecurity leadership across healthcare, finance, and manufacturing sectors. Prior to joining Amrize, he served as Global CISO at Molex and held CISO roles at Rush University System for Health, GE Capital, and Tellabs. In his new role, David will lead Amrize’s global cyber strategy, strengthening the company’s digital resilience as it scales.
Aashish Patel – Chief Security Officer at the Delaware Department of Technology and Information
Aashish Patel has been appointed Chief Security Officer for the Delaware Department of Technology and Information after serving in the role on an interim basis since March 2025. Patel joined the agency in 2021 as Director of Enterprise Security Operations and brings nearly 30 years of experience in cybersecurity and infrastructure leadership, including previous roles at Sapiens, Adaptik, Lucent, AT&T, and IBM. He will lead the state’s cybersecurity strategy under CIO Gregory Lane.
Eric Murphy – Chief Information Security Officer at Saronic Technologies
Eric Murphy has been appointed Chief Information Security Officer at Saronic Technologies, bringing over 20 years of cybersecurity leadership experience across enterprise and government sectors. He will lead the company’s cybersecurity and risk management strategy, embedding security across software, engineering, and manufacturing functions. Murphy previously served as CISO at Workrise and held senior security roles at SpyCloud, Squarespace, and WP Engine.
Leslie Nielsen – Chief Information Security Officer at Mimecast
Mimecast has named Leslie Nielsen as Chief Information Security Officer, bringing more than 25 years of cybersecurity experience to the role. Nielsen most recently served as SVP and CISO at Klaviyo, where he led the company’s security function through IPO readiness and helped scale operations to $1.3B in revenue. At Mimecast, he will oversee global cybersecurity strategy, including threat intelligence, risk assessment, and regulatory compliance. Nielsen has held senior security roles at Nuance Communications, SAP Concur, and IBM, and was a member of Google’s CISO Cloud Advisory Board.
Mrityunjay Gautam – Chief Information Security Officer at Instacart
Instacart has appointed Mrityunjay “MJ” Gautam as Chief Information Security Officer, bringing over 15 years of leadership in cybersecurity, AI security, and offensive security engineering to the role. Gautam most recently served as Vice President of Security & AI Red Team at Databricks, where he led enterprise security, red teaming, AI risk management, and secure development lifecycle programs. Prior to Databricks, he held several senior roles at Citrix, including Senior Director of Security Engineering, where he led global red and blue teams, vulnerability response, and security automation. He has also served as a security researcher at Symantec and is currently a technical advisor to Nightfall AI. At Instacart, Gautam will lead cybersecurity strategy and innovation as the company expands its digital footprint and AI capabilities.
Georgeo Pulikkathara – Chief Information Officer and Chief Information Security Officer at iMerit
iMerit has appointed Colonel Georgeo Xavier Pulikkathara, a decorated U.S. Army veteran, as Chief Information Officer and Chief Information Security Officer. With over 34 years of experience across defense, banking, healthcare, and tech sectors, Pulikkathara will lead iMerit’s global IT and cybersecurity strategy. He currently serves as CIO and CISO for the U.S. Army Reserve’s 81st Readiness Division, overseeing technology operations for 50,000 personnel. His previous roles include senior positions at Microsoft, HP Enterprise, RBC Capital Markets, and AIG. A two-time Bronze Star recipient, Pulikkathara brings deep expertise in securing complex environments and holds multiple advanced certifications.
Tracy Griffin – Chief Information Security Officer at Bon Secours Mercy Health
Bon Secours Mercy Health has appointed Tracy Griffin as Chief Information Security Officer following her service in the interim role since May 2025. Griffin brings over two decades of experience in healthcare cybersecurity, HIPAA compliance, and information governance. She joined the organization in 2010 and most recently served as System Director of Information Security Risk and Assurance. As CISO, she will lead cybersecurity strategy, with a strong focus on third-party risk and data protection.
Brett Hoffman – Chief Information Security Officer at SpartanNash
SpartanNash has appointed Brett Hoffman as Vice President and Chief Information Security Officer. Reporting to incoming CIO Ed Rybicki, Hoffman will lead the company’s cybersecurity strategy across its retail, supply chain, and corporate environments. He brings expertise in enterprise security architecture and risk management, having previously served as CISO at MillerKnoll and held cybersecurity leadership roles at Inspire Security Solutions, HealthEquity, Amway, and Corewell Health.
Wendy Zacchio – Chief Information Officer and Chief Digital Officer at Vestis Corporation
Vestis Corporation has named Wendy Zacchio as Senior Vice President, Chief Information Officer, and Chief Digital Officer. Zacchio is a seasoned technology executive with more than 25 years of experience leading large-scale IT transformation, AI-driven innovation, and global digital modernization across financial services, healthcare, and insurance. Most recently, Zacchio served as Enterprise CIO at Zelis, where she oversaw enterprise technology, cybersecurity, and AI strategy, driving major advancements in cloud migration, automation, and user experience. She previously held senior technology leadership roles at Cigna, where she served as CIO of International Markets across 30+ countries, and at AIG and The Hartford, leading enterprise modernization initiatives. At Vestis, Zacchio will guide digital strategy, enterprise platforms, data and analytics, cybersecurity, and field technology.
Jim Desmond – Chief Information Security Officer at HireRight
HireRight has appointed Jim Desmond as Chief Information Security Officer, where he will lead the company’s global cybersecurity and risk management strategy. Desmond brings over 20 years of experience, most recently serving as Chief Security Officer at Asurion, with prior leadership roles at Vantiv, Elevate, and Intuit. He will focus on strengthening HireRight’s security posture, protecting data, and supporting innovation across its global operations.
Gregg Cottage – Chief Information Officer and Chief Information Security Officer at NN, Inc.
NN, Inc. has promoted Gregg Cottage to Chief Information Officer and Chief Information Security Officer, expanding his leadership over the company’s IT and cybersecurity functions. With more than 30 years of IT experience, Cottage has been with NN since 2014, most recently serving as Global Director of Information Technology. He has led the company’s IT organization since 2023 and now assumes responsibility for driving NN’s technology transformation and enterprise security strategy.
Ravi Soin – Chief Information Security Officer at Smartsheet
Smartsheet has appointed Ravi Soin as Chief Information Security Officer to lead its global IT and security strategy. With over 20 years of experience, including roles as CIO & CISO at Edifecs and leadership positions at Microsoft, Soin will guide Smartsheet’s cybersecurity, data privacy, and IT infrastructure amid expanding AI capabilities. A recognized leader in the Seattle tech community, he will play a key role in strengthening the company’s enterprise-grade platform and supporting its global growth.
Stan Black – Chief Information Security Officer at D-Wave Quantum Inc.
D-Wave Quantum Inc. has appointed Stan Black as Chief Information Security Officer to lead its cybersecurity, risk, and compliance strategy. Black brings over two decades of experience from roles at Dell, RSA, Citrix, and Nuance, where he led global security initiatives across complex tech environments. At D-Wave, he will align security efforts with business objectives, guide AI and ML governance, and support the company’s continued growth in quantum computing.
Ty Sbano – Chief Information Security Officer at Webflow
Webflow has appointed Ty Sbano as Chief Information Security Officer to lead its global security strategy as the company scales toward enterprise growth. Sbano brings nearly 20 years of experience building security programs at Vercel, Capital One, JPMorgan Chase, LendingClub, and Target. Known for embedding security into product development, he will focus on advancing Webflow’s resilience and trust posture while supporting innovation.
Rajendra Umadas – Chief Information Security Officer at RAD Security
RAD Security has named Rajendra “Raj” Umadas as its first Chief Information Security Officer to lead internal security, risk, and trust functions and shape AI-native product strategy. Umadas brings over a decade of experience scaling security programs at Spotify, Squarespace, Etsy, and ActBlue. Previously an advisor to RAD since 2022, he joins as the company accelerates growth following its Series A. His appointment strengthens RAD’s position in cloud and AI protection amid growing demand for scalable, intelligent security solutions.
CIOs on the Move is brought to you by CIO Professional Network. Join the fastest growing online community for technology executives seeking to Connect, Collaborate, and Contribute. Established by a former CIO, the CIO Professional Network is a vendor-free, member-driven, member-led, and member-supported community of technology executives who seek an easier way to network, learn, mentor, and grow in a private, trusted environment.
