Appetite for Security: CISOs to Watch in Food and Beverage

Related

Road Ready: CISOs to Watch in Automotive and Transportation

The automotive and transportation sector is undergoing a digital...

Classroom to Cloud: CISOs to Watch in Higher Education

Higher education security sits at an unusual intersection of...

Silicon and Stakes: CISOs to Watch in Semiconductor Technology

Semiconductor and advanced electronics companies sit at the center...

Built to Last: CISOs to Watch in Manufacturing and Engineered Technology

Manufacturing and engineered technology companies face a security challenge...

Share

Food and beverage companies face a security challenge that combines the operational technology risks of manufacturing with the consumer data obligations of retail and the supply chain complexity of global logistics. Their factory floors run on industrial control systems that connect to corporate networks. Their brands depend on consumer trust that a single breach can erode overnight. Their supply chains span dozens of countries and hundreds of third-party relationships. The CISOs in this feature are protecting some of the most recognizable names in the American pantry, and their programs reflect what security looks like when the product being protected ends up on dinner tables around the world.

Jim Nelms — CISO, Smithfield Foods

Jim Nelms has served as CISO at Smithfield Foods since March 2022, overseeing security for the world’s largest pork producer, a company with more than 64,000 employees, operations across the US, Mexico, Poland, Romania, Germany, and the United Kingdom, and annual revenue of approximately $18 billion. Before Smithfield, he spent five years as CISO at LabCorp, one of the world’s leading healthcare diagnostics companies serving more than 220,000 clients daily, and before that two and a half years as CISO at Mayo Clinic, one of the most recognized medical institutions in the world.

His deepest institutional tenure is nearly fifteen years as CISO at the World Bank, protecting treasury and global operations for one of the most consequential financial institutions in international development. He served on Tenable’s executive advisory board for more than five years and on the executive board of the National Security Technology Advisory Council. That arc from international banking security through healthcare diagnostics and now global food production reflects a career shaped by operating at institutional scale across sectors where the stakes of a security failure are measured in public trust as much as financial loss.

Diane Ball — Global CISO, McCormick and Company

Diane Ball has served as global CISO at McCormick and Company, the world’s largest spice and flavor company, since March 2023. Before McCormick, she spent six years as VP and CISO at BlueCross BlueShield of Tennessee, overseeing the company’s full information security program including cyber operations, threat intelligence, incident response, and governance and compliance. Before BCBS Tennessee, she spent more than three years as VP of enterprise risk and security and CISO at Fujitsu America, where she defined the information security vision and strategy, developed and executed service improvement plans for two major clients, and built the company’s enterprise risk management framework including an executive risk committee.

Before Fujitsu, she spent nearly seven years as director of enterprise security and privacy at BlueCross BlueShield of North Carolina, securing funding for and implementing key security controls, and began her security career spending nearly eight years at Wachovia Bank managing core security functions spanning network security, forensics, third-party assessments, and regulatory compliance. She is also a certified Dale Carnegie instructor. That background across banking, two Blue Cross organizations, global managed services, and now consumer food manufacturing reflects a security leader whose career has been built across the most heavily regulated and trust-sensitive industries in the economy.

Matt Bunch — VP and Global CISO, Tyson Foods

Matt Bunch has spent nearly thirty years at Tyson Foods, making his one of the most remarkable single-company career progressions in this feature. He joined as an intern in systems administration in 1997, advanced through Unix system administrator, OpenVMS administrator, mid-range systems administrator, systems consultant, enterprise infrastructure manager, technical solutions architect, senior manager of client engineering, associate director and director of IT information security, senior director of IT information security and cyber, CISO, and finally VP and global CISO in January 2025.

That three-decade internal progression, from printer management and VMS system support through enterprise infrastructure architecture and into the top security seat at a $53 billion global protein company, reflects a security leader whose institutional knowledge of Tyson’s systems, culture, and risk environment has been built from the ground up over nearly three decades. His security mandate now spans a company with more than 140,000 team members, operations across the United States, Australia, China, and several other countries, and a supply chain that connects farms, processing facilities, and distribution networks across the global food system.

Shannon Hopkins — CISO, Southern Glazer’s Wine and Spirits

Shannon Hopkins has spent more than ten years at Southern Glazer’s Wine and Spirits, stepping into the CISO role in August 2022 after six years as senior director of enterprise information security at the same company. Before Southern Glazer’s, he spent nearly seventeen years as senior manager of network and information security at Glazer’s Distributors, which was subsequently acquired by Southern Glazer’s, giving him a continuous tenure inside the same distribution organization spanning more than twenty-five years. Southern Glazer’s is North America’s largest wine and spirits distributor, operating across 44 states and Canada with more than 24,000 employees and a distribution network connecting hundreds of suppliers to tens of thousands of retail and hospitality accounts.

His certifications include CCISO, CISSP, CISM, and ITIL Expert. Before his security career, he supervised manufacturing shifts at companies producing surface acoustic wave devices and reclaiming silicon wafers for AMD, Intel, and Matsushita, giving him a grounded understanding of production operations that shapes how he approaches security in a company whose business depends on the reliability of its distribution infrastructure. That combination of deep institutional tenure and manufacturing floor roots reflects a security leader whose perspective is built on operational continuity as much as technical security governance.

Todd Colliver — CISO, Sazerac Company

Todd Colliver stepped into the CISO role at Sazerac Company, one of North America’s largest privately held spirits producers, in January 2025, having spent nearly seven years before that as director of global IT infrastructure, operations, and security at the same company. Before the CISO role, he led the creation and buildout of Sazerac’s global cybersecurity capabilities, the implementation of ServiceNow across ITSM, reporting, and automation functions, and IT support through the company’s significant global growth and acquisition activity. He has spent nearly twelve years at Sazerac in total.

Before Sazerac, he spent nearly nine years at Kindred Healthcare across corporate manager of client systems and senior systems programmer roles, managing client infrastructure for a post-acute care organization with 76,000 employees across 2,280 sites in 46 states. Before Kindred, he spent five years as network and systems analyst at Zeon Chemicals, supporting IT infrastructure across North and South America for a multinational synthetic rubber manufacturer. That combination of healthcare operations technology experience, manufacturing IT management, and nearly a decade of building Sazerac’s security function from the infrastructure layer up reflects a practitioner whose security program is grounded in deep operational knowledge of the company it protects.

Sridhar Prabhakaran — CISO, WK Kellogg Co

Sridhar Prabhakaran has served as CISO at WK Kellogg Co since October 2023, leading cybersecurity for one of America’s most recognized cereal and breakfast food brands following its separation from the broader Kellogg enterprise. Before stepping into the CISO role, he spent more than six years at Kellogg Company as senior security architect and principal security architect, building deep institutional knowledge of the company’s security environment and infrastructure before taking on executive accountability. Before Kellogg, he spent six years at Microland as associate director and senior manager of technology, and before that a year and a half as a network security consultant at Tata Communications.

His earlier career includes senior team lead roles at Microland in Bangalore overseeing network security design, build, and operations teams working on proxies, firewalls, and load balancers, and nearly three years as a network security engineer at TCS supporting core banking data center infrastructure. That progression from network security engineering in India through managed services technology leadership and successive security architecture roles at Kellogg before stepping into the CISO seat reflects a practitioner who built his security expertise from the technical foundation upward over more than two decades before taking on executive accountability.

Food Security Is Supply Chain Security

Every organization in this feature is operating at the intersection of manufacturing, distribution, and consumer trust. Their factories run industrial control systems. Their logistics networks span continents. Their brands carry decades of consumer recognition that a single security incident can put at risk. The leaders in this feature are building programs that protect not just data but the operational continuity of organizations whose products feed, season, and supply hundreds of millions of people. That is a security mandate that extends from the server room to the factory floor to the dinner table, and the leaders in this feature carry it every day.

IMG 0514 2
+ posts

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.