Energy and utilities organisations operate some of the world’s most critical infrastructure, where cyber incidents can have real-world safety, economic, and national security consequences. As grids modernise, renewables scale, and operational technology converges with IT, cybersecurity leadership in this sector must balance resilience, regulation, and uninterrupted service delivery. The following leaders stand out for shaping security programs that protect essential services while enabling transformation across energy generation, distribution, and utilities operations.
Carmine Valente — Deputy Chief Information Security Officer, Con Edison
Carmine Valente is an information security executive with extensive cross-cultural experience spanning cybersecurity, risk management, incident response, attack surface management, AI security, audit, business resilience, and data security. In his role at Con Edison, he provides visionary leadership to address advanced persistent threats targeting critical infrastructure. Valente balances risk, privacy, and compliance requirements while empowering business lines, and advises at the board level on cybersecurity strategy. His work reflects the complexity of securing large-scale energy utilities operating in high-risk threat environments.
Spencer Wilcox — Executive Director of Cybersecurity, NextEra Energy
Spencer Wilcox is a trusted executive with progressive leadership experience across cybersecurity, physical security, crisis management, and technology services in the energy sector. He regularly reports to the board and collaborates with senior executives to manage cybersecurity risk. With a background in law enforcement, technology, and public policy, Wilcox develops business-first, outcome-focused security and risk management strategies. He is also recognised for his expertise in cybersecurity public policy and utility regulation, working closely with federal, state, and local partners to strengthen public–private collaboration.
Martin Strasburger — Senior Vice President and Chief Security Officer, Duke Energy
Martin Strasburger leads Enterprise Security and Aviation at Duke Energy, a Fortune 200 company and one of the largest combined gas and electric utilities in the United States. Working closely with executives and the board, he defines security strategy across technology systems, operational assets, facilities, and personnel. His remit spans cybersecurity, physical security, executive protection, and emergency preparedness, alongside corporate, utility, and unmanned aviation services. Strasburger leads a large multidisciplinary team, delivering integrated security for complex, large-scale utility operations.
Jon Raper — Chief Information Security Officer, Chevron
Jon Raper is responsible for setting Chevron’s global information security strategy and safeguarding IT operations worldwide. As Chief Information Security Officer, he ensures the organisation’s global security posture aligns with operational and business needs. Prior to Chevron, Raper held senior security leadership roles at Costco Wholesale, where he led global information security strategy in a $158B enterprise, and at Oracle, where he built and scaled security operations across multiple lines of business. His career reflects deep experience in large, complex, global environments.
Jim Beechey — Vice President, Information Technology and Security and Chief Information Officer, CMS Energy
Jim Beechey leads IT, physical security, and cybersecurity for CMS Energy and its principal subsidiary, Consumers Energy. With more than 25 years of experience, he oversees technology strategy, investments, and operations while driving integrated security programs. Beechey created the utility industry’s first fully integrated security program covering compliance, risk, privacy, cyber, and physical security. A regular industry speaker, he has led the development of security operations, adopted industry frameworks, and shaped utility cybersecurity practices through regulatory and industry engagement.
Erik Evans — Head of Cyber Security, First Solar
Erik Evans leads cybersecurity at First Solar, overseeing the organisation’s security function following progressive leadership roles within the company. His career spans security leadership in the renewable energy sector and more than a decade in information security roles at Bowling Green State University. Evans’ experience includes managing and building IT security programs, leading teams through operational and organisational change, and supporting the cybersecurity needs of a global solar manufacturer. His background reflects the growing cybersecurity demands of renewable energy and clean technology organisations.
Securing the Backbone of Modern Society
Energy and utilities cybersecurity leaders operate at the intersection of national infrastructure, regulation, and digital transformation. As the sector faces escalating threats to both IT and operational systems, these CISOs and security executives play a critical role in safeguarding reliability, public safety, and trust. Their work highlights why strong, experienced cybersecurity leadership is essential to keeping energy systems resilient in an increasingly connected and contested digital landscape.