The role of the Chief Information Security Officer (CISO) is growing and has emerged as a pivotal player in the boardroom — shaping not just security protocols but also business strategy.
According to Gartner, 64% of board directors say their organisation is trying to significantly alter its economic architecture to put more emphasis on digital, whether that be revenues, margins, productivity. At the same time, 88% say they recognise cybersecurity is a risk to the business.
This month, Cyber Magazine features 10 of the leading CISOs who are leading the charge in cybersecurity innovation, governance and resilience.
10. Kevin Cross, SVP, CISO, Dell Technologies
Kevin Cross serves as VP and CISO for Dell Technologies’ Security and Resiliency Organisation. Cross has extensive experience leading incident analysis and response, threat intelligence, threat hunting, ethical hacking, forensics and e-discovery, penetration testing and vulnerability management functions for large organisations in both the public and private sectors.
Prior to joining Dell, Cross served as VP and Deputy CISO at Sony. He also founded and developed world-class security operations centres at Sony, the US Counterintelligence Field Activity (CIFA), the Pentagon and the Defense Intelligence Agency.
9. Brent Conran, CISO, Intel
A specialist in business transformation, strategic planning, continuous process improvement, organisational change management, leadership, customer-focused business, budget planning, development and control, Conran has driven initiatives involving organisational change in both public and private sector organisations.
Conran’s recent operational leadership roles include strategic planning and management for a global corporation with annual revenues of US$68bn, while he served as Chief Information Officer and Chief Information Security Officer for the US House of Representatives where he introduced security incident management systems, emergency response preparedness plans, and disaster recovery programmes.
8. Gary Harbison, Global Chief Information Security Officer, Johnson & Johnson
A proven security leader with more than 19 years of experience in the infosec domain, including roles at multiple global Fortune 500 companies and public sector experience with the US Department of Defense, Gary Harbison’s background includes technical experience, strategy and architecture focused roles, cyber and threat experience and various leadership roles.
With a track record of developing security and risk management programs built to evolve with changing business needs and evolving threats, he also serves as an advisor to several cyber security startups, sits on multiple Executive Advisory Boards for Cybersecurity companies, and is a frequent speaker at industry events.
7. Michael McNeil, SVP, Global CISO, McKesson
As Global CISO, Michael McNeil is responsible for enhancing and overseeing McKesson’s information and operational technology security strategy program, as well managing information security governance.
McNeil has an extensive background in cybersecurity and significant experience in the healthcare industry. Most recently, he served as the Global Product and Security Officer for Royal Philips, where he deployed consistent processes across its entire portfolio of healthcare products and services. He has also held senior leadership positions at Medtronic, Liberty Mutual Group, Pitney Bowes, and Reynolds & Reynolds.
6. George Stathakopoulos, VP Corporate Information Security, Apple
Vice President of Corporate Information Security at Apple, George Stathakopoulos is an experienced executive with a demonstrated history of working in the consumer electronics industry. Skilled in scalability, enterprise software, culture change, online services, and vulnerability assessment, he is a strong military and protective services professional with a Bachelor's degree focused in Computer Science from Portland State University.
Before joining Apple in 2016, he held roles including Vice President of Information Security at Amazon, and General Manager of Product Security at Microsoft.
5. Phil Venables, CISO, Google Cloud
Phil Venables is the CISO of Google Cloud, where he leads the risk, security, compliance and privacy teams. He joined Google in 2020, after spending more than 25 years as a CISO at multiple financial services companies.
Before joining Google, he was a Partner at Goldman Sachs where he held multiple roles over a long career, initially as their first CISO.
Venables is a specialist in information and cyber security, cloud services, enterprise risk, technology risk and business resilience with significant experience in multiple industries and multiple geographies — from in-depth engineering to board-level management.
4. Bret Arsenault, CVP, CISO, Microsoft
As the Chief Information Security Officer for Microsoft, Bret Arsenault is responsible for enterprise-wide information security, compliance and business continuity efforts and leads a global team of security professionals with a strategic focus on information protection, assessment, awareness, governance and enterprise business continuity.
Arsenault currently serves as the Chairman of Microsoft’s Information Risk Management Council, and hosts Microsoft’s Security Council, a forum with enterprise customers that drives product direction and operational best practices.
He has the proven ability to build robust and successful security programmes, leveraging his deep technical background and strong business acumen to align engineering with executive vision.
3. Chandra McMahon, SVP & CISO, CVS Health
With more than 30 years of experience in senior leadership managing large and complex security programmes, Chandra McMahon leads CVS Health’s Global Security organisation, and is responsible for protecting the enterprise from cyber threats and driving its mission to help people on their path to better health.
Previously, McMahon served as Senior Vice President and Chief Information Security Officer for Verizon, and before that, she held numerous leadership roles at Lockheed Martin, including as Vice President and Chief Information Security Officer.
2. CJ Moses, CISO & VP of Security Engineering, Amazon
Before joining AWS in 2007, Moses had an extensive career within the US Federal Government, most recently with the Federal Bureau of Investigation (FBI). Prior to this, he was an US Air Force Office of Special Investigations (AFOSI) Special Agent, where he served as the lead case agent on pioneering computer intrusion investigations, building the foundation for the current cybersecurity industry.
He served as the deputy CISO at AWS before succeeding former AWS CISO Stephen Schmidt in 2022. He became the CISO of Amazon in October 2023.
1. Jerry Geisler, SVP & Global CISO, Walmart
Walmart’s Information Security program, under Geisler’s leadership, is considered a forward-thinking industry-leader focused on emerging best-in-class information security practices, innovation and business enablement broadly engaged across IT, OT, cloud, platform and product security domains.
Geisler serves as an Enterprise Board member of Team8, an incubator and venture capital fund based in Tel Aviv. He is also a long-serving program committee member for the RSA Executive Security Action Forum and member of the University of Tulsa Board of Trustees. Geisler is an armed forces veteran, having served honourably in the United States Marine Corps and is long-term associate with Walmart, beginning his career with the company as a cashier in his hometown store more than three decades ago.