As organizations in the Philippines navigate an increasingly complex digital landscape, the role of the Chief Information Security Officer (CISO) has never been more critical. From banking and telecommunications to healthcare and conglomerates, CISOs are leading efforts to protect sensitive data, ensure regulatory compliance, and build resilient security programs that can withstand evolving cyber threats.
The following leaders stand out for their achievements, recognition, and influence in shaping the country’s cybersecurity landscape, making them CISOs to watch in the years ahead.
Carlos T. Tengkiat — Rizal Commercial Banking Corporation (RCBC)
Carlos Tengkiat leads information security at one of the country’s major banks, RCBC. His role has gained public acclaim: in 2024 he was honored with the “Best Chief Information Security Officer / Information Security Head of the Year — Banking & Finance” award by the Information Security Officers Group (ISOG).
Under Tengkiat’s stewardship, RCBC has reportedly strengthened its data governance, third-party risk management and coordination across business units, transforming InfoSec from a support function into a full-fledged division capable of proactive risk management.
Russell Hernandez — UnionDigital Bank
Russell Hernandez is currently listed among the top CISOs in the Philippines, serving as Chief Information Security Officer at UnionDigital Bank. He was previously recognized by ISOG during its 2022 Cybersecurity Excellence Awards, indicating his contribution to setting strong InfoSec standards in institutions that deal with sensitive customer data and payments.
Hernandez’s role is emblematic of the growing wave of digital banking and fintech growth in the Philippines, making security not just a compliance checkbox, but a competitive advantage for emerging financial institutions.
Charmaine Valmonte — Aboitiz Equity Ventures, Inc. (AEV)
Charmaine Valmonte heads InfoSec for Aboitiz Equity Ventures, a major conglomerate with holdings across energy, infrastructure, real estate, and more, a diversified footprint that makes cybersecurity a complex, mission-critical task. According to recent industry programs, she has been active in national cybersecurity summits and conferences, sharing insights on security resilience in conglomerates balancing multiple business lines.
Her presence underscores the rising importance of cybersecurity beyond banking and finance, especially in large conglomerates that need to secure diverse business units, data domains, and critical infrastructure.
Marlon Sorongon — Maybank Philippines / Maybank New York
Marlon Sorongon brings over two decades of cybersecurity and IT risk experience. He has held senior roles across multiple organizations, including earlier stints in advisory/risk services at Deloitte, IT/OT security at a national grid operator, and infrastructure roles in banking, before assuming the Chief Information Security Officer role at Maybank Philippines in 2020.
Because he holds the CISO role both in the Philippines and at Maybank New York, Sorongon operates at a multinational scale; this gives him a unique vantage point to harmonize global security standards with local compliance and threat realities.
Sorongon is also recognized as a “Top 100 Global CISO / Cybersecurity Advocate” and frequently participates in regional cybersecurity and banking-tech forums, positioning him as a bridge between global best practices and local implementation.
Alexis Bernardino — PLDT Enterprise / ePLDT
Alexis Bernardino is Field CISO and Head of Enterprise Consulting Practices at PLDT Enterprise, with a career spanning over two decades across telecommunications, enterprise IT, and cybersecurity. He has held leadership roles at Fujitsu, Cisco, NEC, Converge ICT, Trustwave, and Smart Communications, giving him deep expertise in network security, threat intelligence, and risk management.
At PLDT and ePLDT, Bernardino focuses on integrating technology, policy, and human behavior into a holistic cybersecurity strategy, advocating a “human-plus-technology” approach that empowers organizations to be their first line of defense. His work has been recognized in industry awards and conferences, positioning him as a key influencer in the Philippines’ cybersecurity landscape.
Jojo Nufable — St. Luke’s Medical Center
Jojo Nufable leads cyber- and information security for St. Luke’s Medical Center, one of the country’s leading healthcare institutions. His role takes on additional importance in healthcare, where privacy, patient data protection, and regulatory compliance are critical. He is frequently invited as speaker at national cybersecurity summits and conferences.
In a rapidly digitizing healthcare environment, with growing telehealth, digital records, and cross-system integrations, Nufable is a key figure to watch for how hospitals can build resilient, patient-data safe infrastructures in the Philippines.
Irene M. Camacho — Healthway Medical Network
Irene Camacho heads information security and data protection for Healthway Medical Network, a healthcare group. She is listed among speakers for major Philippine cybersecurity events, reflecting active involvement in shaping healthcare cybersecurity practices.
Her leadership represents a broader shift: as more healthcare providers digitize services and patient data, effective CISOs in the sector will become more important, not just for internal IT, but for safeguarding patient privacy and regulatory compliance.
Jed Kenley Chua — Asia United Bank (AUB)
Jed Kenley Chua serves as Chief Information Security Officer at Asia United Bank (AUB), a mid-sized but growing player in Philippine banking. He is listed among major industry CISOs in recent conference speaker rosters.
As banks increasingly adopt digital services, AUB’s security posture will likely influence how smaller and regional banks implement cybersecurity, compliance, and customer trust frameworks in the coming years.
Mark Frogoso — East West Banking Corporation (EastWest Bank)
Mark Frogoso appears on recent speaker lists for Philippine banking and cybersecurity events as the Chief Information Security Officer (or equivalent) at EastWest Bank.
Frogoso’s position at a major commercial bank, during a period of rapid fintech adoption, digital banking expansion, and rising cyber risks, makes his role noteworthy. As East West modernizes its systems and offerings, his influence on banking-security standards will likely grow.
Steffen Minkmar — Asian Development Bank (ADB)
Steffen Minkmar is listed among the key cybersecurity leaders and speakers in major Philippine events, representing the Asian Development Bank (ADB), a major multilateral institution with significant regional influence. Given ADB’s role in financing infrastructure, development projects, and institutional modernization across Asia-Pacific, Minkmar’s approach to cybersecurity risk, governance, and resilience could indirectly shape security standards and expectations across public and private sectors in the Philippines and beyond.
What to Watch Next
As digital transformation accelerates across industries in the Philippines, the roles and influence of CISOs will only grow. The leaders above will likely shape how organizations think about risk-based security, compliance, talent development, and cross-industry best practices.