In 2025, the role of the Chief Information Security Officer has moved decisively beyond tools, controls, and incident response. Today’s CISOs are shaping enterprise strategy, advising governments, and redefining how organizations think about risk, resilience, and trust in an increasingly unstable digital environment.
The leaders highlighted here represent a new security archetype: executives who balance operational defense with long-term business enablement, regulatory accountability, and cultural leadership. These CISOs are not just protecting systems; they are influencing how modern organizations operate, adapt, and endure.
Deneen DeFiore
VP & Chief Information Security Officer, United Airlines
Deneen DeFiore sits at the intersection of cybersecurity and critical infrastructure, leading digital risk and cyber resilience for one of the world’s largest airlines. Beyond aviation, her role advising the White House through NIAC reflects a broader influence on how national infrastructure security is shaped. She is equally known for championing mentorship as a strategic imperative for the future of the profession.
Adam Evans
Senior Vice President & Chief Information Security Officer, RBC
With more than two decades in enterprise security, Adam Evans leads the execution of RBC’s global cyber strategy across threat intelligence, incident response, application security, and data protection. His remit reflects the modern CISO mandate: unifying operational defense, analytics, and risk governance at financial-system scale. Evans’ work underscores how banking security has become inseparable from business continuity.
Angela Williams
SVP & Chief Information Security Officer, UL Solutions
Angela Williams is known for translating cybersecurity from a control function into a business enabler. At UL Solutions, she leads a global program that balances regulatory rigor with transformation, aligning security outcomes to organizational strategy. Her leadership emphasizes talent development and culture as foundational elements of cyber resilience.
Tim Held
EVP & Chief Information Security Officer, U.S. Bank
Tim Held brings a deeply human lens to financial cybersecurity, framing protection of data and systems as protection of people and families. As CISO of U.S. Bank, he oversees one of the industry’s most mature security programs while prioritizing customer education as a strategic defense layer. His background in education continues to shape how security awareness is operationalized at scale.
Lucia Milică Stacy
Global Chief Information Security Officer, Stanley Black & Decker
Lucia Milică Stacy combines deep technical expertise with legal and business acumen, reflecting the evolving complexity of the CISO role. At Stanley Black & Decker, she oversees global security and privacy while contributing to national policy discussions through advisory and board roles. Her influence extends beyond enterprise security into shaping industry and government collaboration.
Mandy Andress
Chief Information Security Officer, Elastic
Mandy Andress has built security programs through periods of rapid growth and public-company scrutiny, positioning security as a catalyst rather than a constraint. As CISO of Elastic, she pairs operational leadership with deep involvement in the venture ecosystem, advising and investing in early-stage security innovation. Her work bridges enterprise defense and the future direction of the industry.
Jelena Zelenović Matone
Senior Head & Chief Information Security Officer, European Investment Bank
Jelena Zelenović Matone leads cyber and operational risk for one of Europe’s most influential financial institutions. Recognized globally for her contributions to cybersecurity, she has helped formalize risk appetite, measurement, and governance at a supranational level. Her role reflects how CISOs increasingly operate as stewards of institutional resilience.
Rich Agostino
SVP, Technology Infrastructure, Target
During his tenure as CISO, Rich Agostino helped integrate security and infrastructure strategy across one of the largest retailers in the world. His progression into a broader technology infrastructure role reflects a growing trend: security leaders expanding influence across foundational enterprise platforms. The shift highlights how cyber strategy now shapes core technology decisions.
Harold Rivas
EVP, CISO & CIO, Absolute Security
Harold Rivas brings a combined CIO-CISO perspective to building resilient, future-ready technology organizations. At Absolute Security, he oversees cybersecurity, infrastructure, compliance, and AI governance under a unified strategy. His approach reflects a growing consolidation of security and technology leadership in response to systemic risk.
Daniel Parsons
Chief Information Security Officer, The E.W. Scripps Company
Daniel Parsons is known for hands-on leadership and a focus on solving the hardest security problems head-on. Now CISO at The E.W. Scripps Company, he draws on deep experience in cyber defense, threat hunting, and security automation from global media environments. His leadership style emphasizes empowerment, mentorship, and operational maturity.
The CISO’s Role Has Changed—These Leaders Prove It
What unites these CISOs is not a shared technology stack or security framework, but a shared mindset. Each operates with the understanding that security is no longer a supporting function. It is a strategic discipline tied directly to business continuity, public trust, and organizational credibility.
As cyber risk continues to converge with geopolitical pressure, regulatory scrutiny, and rapid technological change, the influence of the CISO will only grow. The leaders featured in this list offer a glimpse into what modern security leadership looks like in practice and where the role is headed next.