Cybersecurity in healthcare is no longer a back-office function. It now sits at the center of patient safety, clinical uptime, and trust. Medical systems run on connected devices, cloud platforms, and remote care tools that create new entry points for attackers. The CISOs leading this space carry a responsibility that stretches far beyond data protection. They are shaping how hospitals deliver care in a world where cyber risk grows faster than budgets.
This CISO Whisperer issue highlights ten leaders who stand out for their work in strengthening resilience across some of the largest and most complex medical institutions in the country.
Kim Sassaman — CISO, Universal Health Services (UHS)
Kim oversees security for one of the largest healthcare systems in the country. He focuses on risk reduction at scale and builds programs that support nonstop clinical operations. His recognition in the 2025 Top 100 CISOs list reflects his influence in the field.
Erik Decker — CISO, Intermountain Health
Erik is a key voice in national healthcare cybersecurity frameworks. He supports stronger information sharing and leads Intermountain’s work on incident response and recovery. His guidance helps shape industry policies that many hospitals now follow.
Christopher Frenz — CISO, Mount Sinai South Nassau
Christopher is known for driving zero trust in real clinical settings. He focuses on practical controls that work for frontline staff, not just in theory. His research and engineering background help his team build defenses that are both modern and feasible.
Andy Heins — CISO, Lifepoint Health
Andy manages security across a wide network of community hospitals. He works on maturity, visibility, and consistent standards across all sites. His leadership supports 24-hour clinical environments that cannot afford disruption.
Jack Kufahl — CISO, Michigan Medicine
Jack leads one of the most advanced academic medical centers in the US. He balances protection for research, clinical care, and patient data under one strategy. His team works on identity, access, and resilience for high-demand environments.
Steven Ramirez — CISO, Renown Health
Steven supports an expanding digital health ecosystem. His priorities include faster threat detection, better containment, and deeper governance across business units. His program reflects the needs of a system growing in both size and digital complexity.
Hussein Syed — CISO, RWJBarnabas Health
Hussein is an established name in healthcare cybersecurity. He manages risk for a large multi-hospital network in New Jersey. His approach is steady and operational, with strong focus on threat prevention and readiness.
Greg Garneau — System VP and CISO, Hospital Sisters Health System
Greg brings more than 25 years of experience. He helps guide strategy for identity protection, vendor oversight, and compliance across many hospitals. His long tenure in the field makes him a trusted voice in healthcare security.
Gordon Groschl — CISO, Texas Children’s Hospital
Gordon covers both cybersecurity and healthcare technology management. This dual view gives him insight into medical device risks, one of the fastest-growing challenges in the field. His team works across clinical engineering and IT to reduce exposure.
Kevin Hamel — CISO and VP of IT Operations, Hartford HealthCare
Kevin leads security for a major regional system. His focus includes endpoint protection, operational alignment, and better communication across care sites. His work helps create a stronger security culture from the front desk to the ICU.
Cybersecurity in healthcare demands steady leadership and practical problem solving. The CISOs on this list demonstrate what it takes to protect a modern medical system while supporting clinicians who depend on reliable technology. Their work helps ensure that patient care continues even when the threat landscape shifts. As cyberattacks become more sophisticated, these leaders will help define how the medical field responds, adapts, and strengthens its defenses.