Cybersecurity is no longer just a technical function; it’s a strategic imperative for organizations across industries. In Arizona, a new generation of Chief Information Security Officers (CISOs) is stepping up to protect critical infrastructure, sensitive data, and business operations from increasingly sophisticated threats.
From state government to higher education, healthcare, and the private sector, these leaders are shaping the state’s security posture while driving innovation and resilience. Here’s a closer look at 10 CISOs to watch in Arizona in 2025.
Mitch Kohlbecker — City of Phoenix
In February 2025, Mitch Kohlbecker was appointed Chief Information Security Officer for the City of Phoenix, after nearly five years as the city’s Deputy CISO. Before that, he spent decades leading cybersecurity efforts across education, government, non‑profits and Fortune‑listed companies. As CISO, his priorities include strengthening architecture, engineering, risk management and compliance, building on earlier work that security and business operations can complement (not conflict).
Lester Godsey — Arizona State University (ASU)
Lester Godsey joined ASU as Chief Information Security Officer in early December 2024, returning to the institution decades after he first started his career there as a technology support analyst. He brings nearly 30 years of IT and cybersecurity leadership, including as former CISO for Maricopa County (the fourth-largest US county by population). In his previous role, he was recognized by Government Technology as one of its “Top 25 Doers, Dreamers & Drivers” for his work defending cybersecurity and combating misinformation. At ASU, he’s described as bringing a rare blend: IT leadership, public service, and a passion for teaching.
Tim Schwab — University of Arizona (UArizona)
In March 2024, Tim Schwab became the Chief Information Security Officer at the University of Arizona. Previously, he served as Executive Director of Administrative Technologies at UArizona, managing a broad portfolio of enterprise systems supporting finance, HR, research, student services, and emergency alert systems. Over decades in IT, he has built strong skills in project lifecycle management, vendor management, SaaS and on‑prem infrastructure, and IT service delivery. As CISO, he’s tasked with strengthening information security while preserving vital research and educational missions, which is critical balance in higher education.
Ryan Murray — State of Arizona
Ryan Murray currently serves as Deputy Director & State Chief Information Security Officer for Arizona, a role he assumed in November 2024. He had previously served in deputy and interim state‑CISO capacities since at least 2021.
Dina Mathers — Carvana
Dina Mathers leads information security at Carvana, the large online car‑retail platform. Under her leadership, Carvana won a 2024 CSO Awards recognition for an innovative security project that applied “phantom‑token” technology to strengthen authentication while improving user experience. According to Carvana and vendor reporting, under her watch, the company reduced breach likelihood by 40% within nine months, cut cyber insurance premiums, and improved overall risk posture thanks to a combination of AI-enabled risk management and streamlined security operations. Mathers’ philosophy of “Security is a Team Sport” underscores her commitment to cross‑functional collaboration rather than siloed security.
James Baird — GoTo Foods
James Baird is the VP & Chief Information Security Officer at GoTo Foods. As the company’s first CISO, he built the security program from scratch, reducing enterprise risk, lowering cyber‑insurance costs, and delivering a global security framework aligned with regulatory and business needs. Under his leadership, GoTo Foods instituted an integrated risk management system and launched initiatives around privacy, application security, vendor risk, and infrastructure security.
Jason Stead — Choice Hotels International
Jason Stead has served as CISO at Choice Hotels International for many years. His longstanding role suggests he shepherds security for a global hospitality giant, managing risks around data privacy, guest information, and thousands of properties worldwide. As such, he stands as a steady, experienced cybersecurity leader navigating a complex, global exposure surface.
David Valenzuela — Blue Cross Blue Shield of Arizona (BCBSAZ)
David Valenzuela currently serves as VP & Chief Information Security Officer at Blue Cross Blue Shield of Arizona, a role he began in October 2023. His background includes security and compliance leadership roles at Rogers Corporation, HealthEquity, WageWorks, and Charles Schwab, giving him broad exposure to both financial services and healthcare‑adjacent risk environments.
Martin Mazor — ON Semiconductor
Martin Mazor was appointed Chief Information Security Officer at ON Semiconductor in May 2023. Before that, he held senior security leadership roles, including SVP & CISO at Entertainment Partners and VP & CISO at Meggitt PLC.
Given ON Semiconductor’s role in manufacturing and hardware, his leadership likely involves bridging cybersecurity, operational resilience, and the security demands of supply‑chain and manufacturing technologies. In a world where hardware supply chains are increasingly targeted, and interconnected with national security and critical infrastructure, Mazor’s work may provide insight into how semiconductor‑industry CISOs tackle those challenges.
Seema Patel — Maricopa County
In October 2024, Seema Patel succeeded Lester Godsey as Chief Information Security Officer for Maricopa County, one of the largest and fastest‑growing counties in the U.S. Her appointment represents continuity for the county’s cybersecurity efforts, but also a new opportunity to adapt and evolve security strategy under changing leadership, threat landscape, and population growth.
Why These CISOs Matter and What to Watch Ahead
These 10 leaders stand out because they cover a wide cross-section of sectors, and each faces unique security challenges. Their backgrounds combine years of technical experience, leadership, and in many cases, public‑service or cross‑sector exposure.
Arizona’s cybersecurity landscape is thus shaped not by a single sector but by interlocking ecosystems: public infrastructure, citizen services, education, health, commerce, and technology.
atching how these CISOs respond to emerging threats can give early signals about where the stat, and by extension much of the U.S. southwest, is headed on cyber resilience.