America’s service economy is vast, varied, and increasingly digital. The organizations in this feature move mail across the country, distribute plumbing supplies to contractors, restore homes after disasters, keep elevators running in buildings worldwide, sell pet safety products globally, supply roofing materials to thousands of job sites, and operate restaurant franchise systems serving millions of guests. Their security programs reflect the particular challenges of protecting organizations whose value is delivered through physical operations, distributed networks, and customer-facing systems that cannot afford to go down. The CISOs protecting those programs have built careers across banking, insurance, healthcare, defense, and government, and they have landed in corners of the economy that rarely dominate cybersecurity headlines.
Heather Dyer — Chief Information Security Officer, United States Postal Service
Heather Dyer has spent more than twenty-two years at the United States Postal Service, progressing from postmaster through business systems analyst, mail entry manager, IT program manager, and director of identity and access management before serving as acting CISO and stepping into the permanent CISO role in January 2022. Her path to CISO ran through the operational and revenue systems of an organization that handles more than 100 billion pieces of mail annually, giving her a grounded understanding of the business she now leads from a security perspective. Her IAM leadership at USPS involved modernizing identity lifecycle management, privileged access management, enterprise access management, and customer identity systems, and exploring blockchain and machine learning solutions for government services delivery. That combination of frontline postal operations, revenue systems program management, and identity security leadership reflects a security executive whose institutional knowledge of USPS spans the full operational spectrum.
Mario Memmo — Vice President and Chief Information Security Officer, Otis Elevator Company
Mario Memmo was Otis Elevator’s first CISO, building the company’s global cybersecurity program from the ground up after Otis spun off from United Technologies in 2020. His program encompasses governance, risk, and compliance, threat intelligence, identity and access management, a 24/7 security operations center, incident response, and a product security program protecting elevator and escalator systems deployed at customer sites worldwide. Otis moves two billion people a day, which means the operational technology security implications of a breach extend well beyond data loss into physical safety infrastructure. Before Otis, he served as deputy program director at ActioNet supporting the Department of Energy with a team of 700 contractors, and as CIO at the Naval Surface Warfare Center overseeing classified and unclassified systems and high-performance computing environments. His compliance mandate at Otis spans SOX, ISO, NIST, GDPR, SOC2, CCPA, FAR, CMMI, PCI, and CMMC across a company operating with 69,000 employees worldwide. That combination of naval computing leadership, federal program management, and first-CISO accountability at a global industrial company reflects a career shaped by mission-critical systems at every stage.
Joseph Frisk — Vice President and Chief Information Security Officer, Dine Brands Global
Joseph Frisk leads information security at Dine Brands Global, the franchisor of IHOP and Applebee’s operating more than 3,400 restaurants worldwide, partnering directly with franchisees on security strategy and compliance. His background spans nearly twelve years at Bank of America as SVP and consumer bank CISO leading a team of 300-plus with $30 million in budget responsibility across security operations, incident management, PCI and SOX compliance, application security, and IAM, followed by global head of IT governance, risk, and compliance at PwC, CISO for health sciences at Cognizant supporting a $12 billion healthcare and life sciences portfolio, VP and CISO at Alorica partnering with more than 300 global companies, and VP of trust and security at Pax8. He has also owned and operated a restaurant for four years and run small IT consulting and technology businesses alongside his executive career, giving him a direct understanding of the franchise operator experience that his current role at Dine Brands requires him to partner with daily. That combination of large-scale financial services CISO experience and firsthand restaurant operations knowledge is an unusual pairing that directly informs how he approaches security governance across a franchise system where the operators are both partners and risk surfaces.
Steve Clawson — Chief Information Security Officer, SERVPRO
Steve Clawson has served as CISO at SERVPRO since November 2021, overseeing security for a franchise restoration and cleaning company with more than 2,000 locations nationwide that responds to fire, water, and mold damage for homeowners, businesses, and insurance providers. Before SERVPRO, he spent nearly five years as manager of cybersecurity at National General Insurance and seven and a half years at Direct General Auto Insurance across senior information security manager, network services and security manager, and senior network engineer roles. His earlier career includes information security officer at United Surgical Partners International, infrastructure engineering roles in healthcare, and more than a decade at United Cities Gas Company across network, telecommunications, and desktop support functions going back to 1988. That thirty-plus year career built from computer operator and support analyst roles upward through network engineering, healthcare security, insurance cybersecurity, and now franchise restoration security reflects a practitioner whose operational depth is grounded in hands-on technology work across multiple regulated industries.
Mike Stolarik — Chief Information Security Officer, PetSafe Brands
Mike Stolarik has served as CISO at PetSafe Brands since April 2024, leading global security strategy, policy, and awareness programs for a Knoxville-based company whose pet containment, training, and lifestyle products are sold in more than 60 countries. His responsibilities include guiding and evaluating IT projects, risks, and controls, overseeing incident response and recovery, managing security staff and security champions throughout the organization, and reporting security metrics to the CEO and board of directors. His background spans more than twenty years across system and network security, security architecture, incident response, and project management in multiple industries and Fortune-ranked companies, giving him a cross-sector technical depth that informs how he approaches security governance at a global consumer products company whose brand depends on the trust of pet owners worldwide.
Ron Bowers — Chief Information Security Officer, Reece USA
Ron Bowers stepped into the CISO role at Reece USA in August 2025, having spent nearly five years before that as VP of information technology and business systems at the same company. Reece is a global wholesale distributor of plumbing, HVAC, bathroom and kitchen, and waterworks products operating more than 1,000 locations across the US and Canada. His responsibilities now span enterprise cybersecurity strategy, risk management, compliance, and the security culture and governance programs that protect a distribution company whose operations connect contractors, suppliers, and customers across a complex physical and digital supply chain. His background includes consulting work as a North Highland principal recognized as 2019 Rocky Mountain Consultant of the Year and 2020 Hall of Fame Award runner-up, with deep expertise in program portfolio management, business transformation, and risk mitigation. His five-year tenure inside Reece before becoming CISO gives him an operational understanding of the distribution business that shapes how he builds security programs aligned to business outcomes rather than compliance checkboxes.
Scott Western — Chief Information Security Officer, ABC Supply
Scott Western has served as CISO at ABC Supply since July 2019, leading security for North America’s largest wholesale distributor of roofing and select exterior, interior, and outdoor building products, operating more than 1,000 locations across the US and Canada. Before ABC Supply, he spent six and a half years at Dean Health Plan across computer engineering team lead, IT security team lead, and manager of cyber security and business continuity roles, and before that twelve years at Alliant Energy as a senior and lead workstation analyst. He has also operated Western Management and Consulting, a critical infrastructure protection and risk analysis consulting practice, since 2008. That combination of energy sector technology operations, health insurance cybersecurity, and wholesale distribution CISO accountability reflects a career built across regulated industries before landing in one of the most operationally complex distribution environments in the building products sector.
The Service Economy Runs on Trust
The organizations in this feature deliver mail, move people vertically through buildings, restore homes after disasters, supply the materials contractors build with, and keep pets safe. None of them are banks or hospitals, and none of them dominate conversations about cybersecurity investment. But all of them handle customer data, operate distributed networks, manage franchise or contractor relationships that create third-party risk, and depend on the continuity of digital systems to deliver physical services that people depend on every day. The leaders in this feature are building programs that match the scale and complexity of organizations whose security challenges are as real as any in more heavily scrutinized sectors, and whose work deserves the same recognition.
John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.