In today's rapidly evolving digital landscape, the role of the Chief Information Security Officer (CISO) has become increasingly vital.
As organisations face an unprecedented number of cyber threats, CISOs are not only responsible for safeguarding sensitive information but also play a crucial role in shaping business strategies and governance frameworks.
Recognising this, board members and c-suite executives are giving cyber leads increasing heed as the push to digitally transform their operations grow. Leading companies are recognising that effective cybersecurity is integral to their operational resilience and overall success.
This year, Cyber Magazine has curated a list of the top 10 CISOs who exemplify excellence in the field.
10. Basim Al-Ruwaii, CISO at Saudi Aramco
Basim Al-Ruwaii, the Chief Information Security Officer at Saudi Aramco, brings over swathes of experience in the oil and gas sector to his role. His extensive background in the industry has positioned him as a key figure in shaping Saudi Aramco's cybersecurity strategy. In his current role, Basim has been instrumental in forging partnerships to enhance the company's digital defences.
He recently signed a memorandum of understanding with Dragos, a global leader in operational technology cybersecurity, aimed at protecting critical industrial assets and infrastructure for Aramco and its affiliates. Basim's commitment to cybersecurity extends beyond his company; he has contributed to a World Economic Forum paper on enhancing cyber resilience in the oil and gas industry. This collaborative effort underscores his dedication to addressing sector-wide challenges and fostering a more secure digital landscape for the energy sector.
8. CJ Moses, CISO and VP of Security Engineering at Amazon
CJ Moses, the Chief Information Security Officer (CISO) and VP of Security Engineering at Amazon, brings a wealth of experience to his role. With a background in the United States Air Force and the Federal Bureau of Investigation, Moses has been at the forefront of cybersecurity for decades. His journey at AWS began in 2007, and he assumed the position of CISO in 2022, before becoming Amazon CISO in October 2023.
In his current role, Moses leads secure product design, management and development efforts at Amazon, focusing on bringing the competitive, economic and security benefits of cloud computing to millions of customers worldwide. His approach to security is characterised by a strong emphasis on automation, scalability and customer visibility. Moses advocates for making security the path of least resistance, believing that simplifying security processes naturally encourages their adoption across the organisation.
7. Mary Ann Davidson, Chief Security Officer at Oracle
Mary Ann Davidson, the Chief Security Officer at Oracle Corporation, has carved out a distinguished career in the realm of cybersecurity. Her journey at Oracle began in 1988 as a product manager in the financial software business unit, but it was in 1993 that she transitioned into the field of computer security. Since then, Davidson has been at the forefront of Oracle's security initiatives, spearheading the company's Software Security Assurance programme.
Throughout her tenure, Davidson has garnered numerous accolades for her contributions to the field. Her expertise has been recognised beyond the corporate sphere, as evidenced by her appointment to the Defense Science Board and her role as a member of the Center for Strategic and International Studies Commission on Cybersecurity for the 44th Presidency. Davidson's influence extends to policy-making circles, where she has provided testimony on cybersecurity to various U.S. House and Senate committees. Her commitment to the industry is further exemplified by her service on the board of the Information Technology Information Sharing and Analysis Center and her induction into the Information Systems Security Association Hall of Fame.
7. Chris Betz, CISO at AWS
Chris Betz, the Chief Information Security Officer at Amazon Web Services (AWS), brings a wealth of experience to his role, having previously served as the CISO at Capital One. Betz's unique perspective as a former AWS customer informs his approach to cloud security, emphasising the importance of trust and partnership across the shared responsibility model. In his current position, he oversees the development and implementation of security policies, with the aim of managing risk and aligning AWS's security posture with its business objectives.
Betz's vision for AWS Security is centred on making security a growth lever for customers, rather than an added friction. He advocates for a proactive and comprehensive security approach, treating it as an integral part of AWS services rather than an add-on. Under his leadership, AWS harnesses its extensive infrastructure to identify and mitigate threats at scale, utilising tools such as Sonaris to detect and neutralise unauthorised access attempts. Betz's commitment to security extends beyond technological solutions, as he emphasises the cultivation of a security-first culture throughout AWS. This is exemplified by the company's 'security ratchet' concept, which ensures continuous improvement in security practices by codifying every lesson learned into tools and processes.
6. Noopur Davis, Executive VP and Chief Information Security and Product Privacy Officer at Comcast
Noopur Davis, the Executive Vice President and Chief Information Security and Product Privacy Officer at Comcast Corporation and Comcast Cable, stands at the forefront of cybersecurity in the telecommunications industry. In her role, Davis oversees a comprehensive range of security functions for all Comcast Cable businesses, including product security and privacy, security controls, privacy engineering and operations, data protection, and security architecture.
Her responsibilities extend to safeguarding the company's vast array of products and services delivered to both residential and business customers. Davis's expertise is not limited to her current position at Comcast. Prior to joining the media and technology giant, she held the position of Vice President of Global Quality at Intel Security Group Her illustrious career also includes a stint as a Visiting Scientist and Senior Member of Technical Staff at Carnegie Mellon University's Software Engineering Institute. Davis's accolades are numerous, having been recognised multiple times on the Cablefax 100, Cablefax Diversity, and Cablefax Most Powerful Women lists. She was also honoured with the WICT/SCTE•ISBE/Cablefax Women in Technology award and the WeQual 2021 award, underscoring her significant contributions to the field.
5. John Scimone, President and Chief Security Officer at Dell Technologies
John Scimone serves as the President and Chief Security Officer at Dell Technologies, where he spearheads the company's global corporate security and resiliency programmes. In this pivotal role, John oversees a comprehensive spectrum of responsibilities, including cybersecurity, product and application security, physical security, insider risk management, fraud prevention, and crisis management. His position is unique in that he reports directly to Dell's General Counsel, a strategic alignment that underscores the company's commitment to integrating security considerations across all business operations
Prior to joining Dell, John held the position of Global Chief Information Security Officer for the Sony Group, where he faced one of the most challenging cybersecurity incidents in corporate history. Just weeks into his tenure at Sony in 2014, the company was hit by a devastating nation-state attack that resulted in the destruction of thousands of computers and servers. This experience undoubtedly shaped Scimone's approach to security leadership, emphasising the critical importance of comprehensive incident response planning and cross-functional collaboration. At Dell, he has championed the concept of a converged security organisation, advocating for a holistic approach to risk management that extends beyond traditional IT boundaries.
4. Jerry Geisler, Senior VP and Global CISO at Walmart
Jerry Geisler, the Senior Vice President and Global Chief Information Security Officer at Walmart, stands as a towering figure in the realm of cybersecurity. With over three decades of experience at the retail giant, Jerry has been instrumental in shaping Walmart's information security practices since their early adoption. His leadership has transformed the company's security teams into a forward-thinking, technically-savvy organisation that focuses on leading information security practices, innovation, and business enablement.
Under Jerry's stewardship, Walmart's Information Security programme has become an industry leader, broadly engaged across IT, ICS, cloud, platform and product security domains. His responsibilities encompass data security for Walmart's vast network of 230 million customers and 2.3 million associates, as well as overseeing the information security strategy, engineering, operations, testing and assessment, services, risk and compliance for the global enterprise. Geisler's expertise extends beyond Walmart, as he serves on the board of Team8, a cybersecurity incubator and venture capital fund.
3. Rich Agostino, Senior VP and CISO at Target
Rich Agostino, the Senior Vice President and Chief Information Security Officer at Target, stands at the forefront of cybersecurity in the retail sector. In his role, Rich leads Target's global cybersecurity team, employing a proactive threat-driven strategy to protect the company, its team members and guests from cyber threats. His approach leverages advanced in-house experts, a 24/7 Cyber Fusion Center, and innovative custom-developed solutions, showcasing Target's commitment to staying ahead in the ever-evolving landscape of digital security.
Rich's expertise extends beyond his current position at Target. He serves as the Chair of the Board of Directors for the Retail & Hospitality ISAC and holds advisory positions on the PCI Security Standards Council and Google's CISO Advisory Board. These roles underscore his influence in shaping cybersecurity standards across industries. Rich's accolades include being inducted into the CSO Hall of Fame, highlighting his significant contributions to the field of information security and his leadership in fostering a robust security culture, not only within Target but across the broader retail and technology sectors.
2. George Stathakopoulos, Apple's VP of Corporate Information Security
George Stathakopoulos, Apple's Vice President of Corporate Information Security, brings a wealth of experience to his role at the tech giant. Having joined Apple in March 2016, Stathakopoulos oversees the protection of corporate assets, including the computers used to design products and develop software, as well as safeguarding customer data. His appointment came at a crucial time for Apple, coinciding with the company's high-profile battle with the FBI over maintaining the integrity of iOS devices.
Prior to his tenure at Apple, Stathakopoulos held significant positions in the tech industry, including a six-year stint as Vice President of Information Security at Amazon.com and nearly two decades at Microsoft, where he served as GM of Product Security. His expertise in scalability, enterprise software, and vulnerability assessment has proven invaluable in his current role. Beyond his corporate responsibilities, Stathakopoulos serves as an advisor on the Cybersecurity Advisory Committee for the Cybersecurity and Infrastructure Security Agency, contributing to efforts to strengthen the United States' cybersecurity posture.
1. Phil Venables, CISO at Google Cloud
Phil Venables, the CISO at Google Cloud, brings a wealth of experience to his role, having spent over 25 years as a CISO at multiple financial services companies before joining Google in 2020. His expertise in information and cyber security, as well as enterprise risk and technology risk, has made him a respected figure in the industry.
Venables leads the risk, security, compliance and privacy teams at Google Cloud, where he is responsible for safeguarding critical infrastructure and data for countless organisations worldwide.
Throughout his career, Venables has received numerous accolades for his contributions to the field of cybersecurity. In 2008, he was honoured with multiple awards at the RSA Conference, recognising his excellence in security practices. His dedication to protecting critical infrastructure was further acknowledged in 2017 when he received the FS-ISAC Critical Infrastructure Award. More recently, Venables was presented with the ISACA Wasserman Award and the SINET Innovation Award in 2019, cementing his status as a leading figure in the cybersecurity landscape. These accolades underscore Venables' significant impact on the industry and his continued commitment to advancing the field of information security.
Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.
Discover all our upcoming events and secure your tickets today.
Cyber Magazine is a BizClik brand
