Maryland has long been a hub for cybersecurity talent, bridging government, healthcare, education, and private enterprise. From securing state infrastructure to protecting sensitive research and healthcare data, CISOs in the region face some of the most complex and high-stakes challenges in the field.
The following 10 leaders stand out for their expertise, strategic vision, and impact, making them among the most influential cybersecurity professionals to watch in Maryland today.
James Saunders — Maryland Department of Information Technology (DoIT)
James Saunders was appointed Acting State Chief Information Security Officer (CISO) as of May 5, 2025, and is expected to be confirmed permanently by the Maryland State Senate. He brings more than 15 years of cybersecurity leadership across federal agencies and the private sector.
Prior to DoIT, Saunders served as CISO and Deputy CIO at the U.S. Office of Personnel Management (OPM), where he led a zero‑trust rollout and cloud migration, and as CISO for the U.S. Small Business Administration (SBA), helping secure the agency’s systems during the pandemic while it distributed billions in relief funds.
Bob Taylor — City of Baltimore
Bob Taylor is the Chief Information Security Officer at the City of Baltimore. Before that, he served as Deputy CISO at the city, and his background spans decades across IT, security, banking, and consulting roles, including a long stint inside a major financial institution, demonstrating broad exposure to both private- and public-sector security operations.
Chris Breeden — University of Baltimore
Chris Breeden serves as Chief Information Security Officer at the University of Baltimore, a public university in Baltimore, MD. In 2025, he was named a finalist for “Cybersecurity Champion of the Year” by the Cybersecurity Association, Inc., a recognition that highlights professionals making a significant impact in cybersecurity across Maryland.
Given his role in higher education, where budgets, legacy systems, and compliance requirements (especially around student data privacy) make security challenging, his visibility and the award nomination suggest he is rising as a trusted cybersecurity leader in Maryland’s academic sector.
Janet Rathod — Johns Hopkins University and Medicine
Janet Rathod joined Johns Hopkins University and Johns Hopkins Medicine in September 2024 as Vice President and Chief Information Security Officer. She now oversees security governance, risk assessments, compliance, incident response, security operations, and related functions across one of Maryland’s top academic + health institutions.
Before this, she held global leadership roles: Global Head of Cyber‑Threat Intelligence at Citi and, earlier, Senior Director of Cyber Operations & Intelligence at Capital One Financial Corporation. Prior to her financial-sector career, she spent 16 years at the Federal Bureau of Investigation (FBI) as a member of the Senior Executive Service, managing intelligence programs across dozens of field offices and leading counterterrorism and cyber‑intelligence initiatives.
Her appointment at Johns Hopkins came at a critical moment; as threats to healthcare and higher‑education organizations grow, her blend of public‑sector, finance, and intelligence‑agency experience positions her to steer one of Maryland’s most complex security environments.
J. Kemp Jennings‑Roche — DoD Cyber Crime Center (DC3)
J. Kemp Jennings-Roche currently serves as Chief Information Security Officer at the DoD Cyber Crime Center (DC3), a federal‑level cybersecurity unit. In addition to that federal role, he is an adjunct professor at the University of Maryland Global Campus (UMGC), teaching cybersecurity/IT‑assurance courses since September 2020.
In his DC3 role, he’s been active publicly, recently speaking at the 16th Annual Billington CyberSecurity Summit on cloud threats, AI‑driven malware, and security in multi-cloud environments.
Michael Prakhye — Adventist HealthCare
Michael Prakhye is the Chief Information Security Officer and Director of Information Security at Adventist HealthCare, a major healthcare provider in Maryland. He holds a master’s in cybersecurity and an MBA from the University of Maryland (UMD), along with executive healthcare‑leadership certificates and security credentials, including CISSP and C|CISO. With two decades of experience in healthcare and even prior service with the Department of Defense, Prakhye brings a strong background in risk management, privacy, compliance, and operational security.
In a time when healthcare is increasingly targeted by cyberattacks and regulatory compliance is critical, Prakhye’s role makes him one to watch, balancing security and patient‑data protection while ensuring the organization continues to function smoothly.
Matt Conner — Second Front Systems
Matt Conner currently serves as Chief Information Security Officer at Second Front Systems, a U.S. public-benefit software company that supports mission-critical and government-facing applications. Before joining Second Front, he held senior security roles, including CISO responsibilities at the National Geospatial-Intelligence Agency (NGA), and worked for the broader U.S. Intelligence Community.
His background spans decades of risk management, vulnerability assessment, and security program leadership in high-risk, classified, and regulated environments, making him a heavyweight security leader with deep expertise.
Ian Goodhart — Maryland Department of Public Safety & Correctional Services
Ian Goodhart serves as Chief Information Security Officer at the Maryland Department of Public Safety & Correctional Services as of May 2025. He has a long career in IT/cybersecurity and has held leadership roles around shared security tools and governance for state-level cybersecurity programs. Given how critical public safety and correctional services data are, Goodhart’s role places him at the intersection of criminal justice and cybersecurity — a high-stakes domain.
Keith Young — Montgomery County Department of Technology & Enterprise Business Solutions
Keith Young is the Chief Information Security Officer for Montgomery County’s Office of Enterprise Information Security (OEIS), part of the county’s Department of Technology & Enterprise Business Solutions. In this role, Young leads the county’s information security program, governing security policies, risk assessments, vulnerability/threat management, incident response, compliance, and training for all county employees, contractors, and partners.
Given Montgomery County’s size and population, and the complexity of county services, Young’s stewardship affects a broad cross-section of residents. His work contributes to safeguarding sensitive public data and public‑service systems, making him a key regional public‑sector security leader.
Mark Cather — University System of Maryland (USM)
Mark Cather serves as the Chief Information Security and Privacy Officer (CISO/CPO) for the University System of Maryland (USM). His remit covers cybersecurity, privacy, information management, crisis management, and legal aspects of information security across the system’s constituent universities.
Cather holds a computer‑science bachelor’s degree as well as a Juris Doctor, with a certificate in Cybersecurity & Crisis Management. This dual technical + legal background is particularly valuable in higher‑education environments, where privacy laws, student data protection, contracts, and compliance intersect heavily with technical security.
Securing Maryland’s Future
The state’s cybersecurity landscape is only getting more dynamic, with threats evolving faster than ever. These CISOs exemplify the innovation, leadership, and resilience required to protect Maryland’s digital frontier. Keeping an eye on their initiatives and insights offers a window into the future of cybersecurity in the region and beyond.