Austria has emerged as a strategically important cybersecurity hub in Europe, anchored by strong financial institutions, critical energy providers, national transportation infrastructure, and globally recognised consumer brands. As regulatory expectations continue to rise under frameworks, such as NIS2, Austrian CISOs are expected to balance compliance, operational resilience, and business enablement across increasingly complex digital environments.
What distinguishes leading security executives in Austria is their ability to operate across borders, industries, and regulatory regimes. Many oversee security programmes that span multiple countries, integrate operational technology with enterprise IT, or support highly distributed business models. The CISOs featured below reflect this diversity of responsibility and demonstrate how cybersecurity leadership in Austria is evolving from technical oversight to enterprise risk and strategic influence.
Bernardo Horta — Group Chief Information Security Officer, Erste Group
Bernardo Horta serves as Group Chief Information Security Officer at Erste Group, overseeing strategic and tactical cybersecurity programmes across independent entities throughout Central and Eastern Europe. With more than 20 years of experience in information and cybersecurity, including over a decade in leadership roles, he has implemented strong cybersecurity governance frameworks and enhanced collaboration across internal security teams.
His track record includes delivering large and complex security initiatives across Germany, Austria, Spain, the United States, Brazil, Argentina, China, and India. Holding an MBA in Strategic Information Management and certifications such as MCSO, MCRM, and ISO 27002, Horta combines governance expertise with global operational experience. His mission is to protect business-critical data and assets while driving security maturity and regulatory compliance across Erste Group.
Wolfgang Löw — Group Chief Information Security Officer, EVN
Wolfgang Löw is Group Chief Information Security Officer at EVN, a position he has held since 2012. He leads cybersecurity strategy and security operations for a major energy and infrastructure organisation, with focus areas including cloud security, security operations management, and regulatory compliance.
In addition to his corporate role, Löw is a Member of the Board of Directors at EE-ISAC and serves on the Assembly Committee of the European Network for Cyber Security. He is also a lecturer at Fachhochschule Technikum Wien. His career reflects a blend of deep technical roots and long-term executive leadership, contributing to cybersecurity collaboration at both national and European levels within the energy sector.
Jimmy Heschl — Global Head of Digital Security, Red Bull
Jimmy Heschl is Global Head of Digital Security at Red Bull, where he focuses on embedding effective information security and risk management practices within a professionally governed and managed environment. His expertise spans IT governance, process management, performance management, and information security management.
He has been deeply involved in the development of global IT governance frameworks through his work with ISACA, serving on COBIT task forces and contributing to COBIT 5 and COBIT 2019. Heschl has authored and supported publications integrating frameworks such as COBIT, COSO, ITIL, ISO 2700x, PMBOK, PRINCE2, and TOGAF. He also serves as an expert witness supporting the Austrian legal system in the assessment of IT practices and regularly delivers training and presentations on IT governance and security.
Dr. Ahmed Hammouda — Chief Operational Technology Cyber Security Officer, OMV
Dr. Ahmed Hammouda specialises in operational technology and industrial cybersecurity within the oil and gas sector. His experience includes building and delivering cybersecurity services with a focus on security operations and security architecture across enterprise information technology and operational technology environments.
He brings deep expertise in industrial networks, including distributed control systems, industrial control systems, and SCADA platforms. Dr. Hammouda is experienced in translating strategic digital objectives into executable programmes of work, supporting digital transformation while managing cyber risk, and applying data governance practices across complex, multinational organisations.
Christoph Kukovic — Chief Information Security Officer, VERBUND AG
Christoph Kukovic has served as Chief Information Security Officer at VERBUND AG since November 2023. His background includes roles as Enterprise Security Architect, IT Security Specialist, and Information Security Consultant, providing a strong technical and architectural foundation.
His experience spans consulting and enterprise environments, with a focus on cybersecurity governance, architecture, and operational security. Kukovic’s progression into the CISO role reflects a hands-on understanding of security challenges within Austria’s critical energy infrastructure sector.
Reinhard Engler — Chief Information Security Officer, ÖBB Infrastruktur
Reinhard Engler is Chief Information Security Officer at ÖBB Infrastruktur, a role he has held since February 2023, alongside responsibilities as Head of Information Security since 2022. His remit includes information security management, audits, and governance within Austria’s national rail infrastructure.
His career spans IT leadership, operational risk management, and programme and project management. With more than a decade in senior IT and risk roles, Engler brings a blend of technical expertise and organisational leadership to securing large-scale transportation systems.
Peter Gerdenitsch — Head of Group Information and Cyber Security & Group Chief Information Security Officer, Raiffeisen Bank International AG
Peter Gerdenitsch has served as Head of Group Information and Cyber Security and Group Chief Information Security Officer since November 2015. In this role, he is responsible for group-wide cybersecurity leadership, governance, and strategic oversight.
With more than ten years in the position, his tenure reflects sustained responsibility for shaping and maintaining enterprise cybersecurity capabilities over time.
Austria’s Strategic Importance in European Cybersecurity
Austria’s cybersecurity leaders operate at the intersection of finance, energy, transportation, and global commerce, sectors where cyber incidents can have systemic and cross-border impact. The CISOs featured here demonstrate how effective security leadership extends beyond technology, encompassing governance, regulatory alignment, operational resilience, and executive influence.
As cyber threats continue to evolve and regulatory scrutiny intensifies across Europe, these leaders will play a critical role in shaping not only their organizations’ security postures, but also Austria’s position within the broader European cybersecurity landscape.