Advertising and marketing organizations sit at the intersection of creativity, data, and technology. They manage vast volumes of client data, intellectual property, and globally distributed digital platforms, often under intense time pressure. The CISOs and security leaders in this sector must enable innovation while managing cyber risk at scale. The leaders below are shaping how security supports creativity, resilience, and trust across global marketing enterprises.
John Whiting – Global Director Cyber Risk, Omnicom
John Whiting was recruited to Omnicom to spearhead the enterprise-wide cyber risk management program, working directly with executive leadership to mature and operationalize cyber risk across the organization. As co-author of the Omnicom Risk Management Framework, he aligned the full risk lifecycle with ISO 31000 methodology, creating a structured yet flexible approach to identifying, assessing, and mitigating cyber risk globally.
John owns Omnicom’s integrated risk management system, overseeing ISO 27001 risk, ISMS governance, corrective actions, and non-conformities. He works closely with incident response teams to translate emerging threat intelligence into actionable risk insights for executive and board-level decision-making. With over 20 years of experience and long-standing CISA and CISSP certifications, John is widely respected for translating complex technical risk into clear, business-driven outcomes.
Akash Kalra – Senior Vice President, Enterprise Security & Deputy CISO, Publicis Groupe
Akash Kalra is a seasoned enterprise security leader with more than 20 years of experience driving security strategy, governance, and risk-based programs at scale. As Senior Vice President and Deputy CISO at Publicis Groupe, he plays a central role in aligning information security initiatives with business objectives across a global advertising and communications organization.
Akash brings deep expertise in ISO 27001, NIST, SOC, PCI DSS, HIPAA, and privacy regulations including GDPR and CCPA. He is known for building mature governance frameworks, leading executive and board-level reporting, and managing complex third-party and supplier risk environments. A PMP-certified leader and ISMS Lead Auditor, Akash combines operational rigor with strong people leadership, focusing on talent development, stakeholder trust, and resilient security programs that support innovation.
Chris Durso – Global Head of Information Security, M&C Saatchi Group
Chris Durso leads global information security at M&C Saatchi Group, bringing over 20 years of IT and cybersecurity experience across highly distributed, fast-moving organizations. His background includes delivering complex security initiatives for global enterprises, including large-scale data center operations and publicly listed energy companies.
At M&C Saatchi, Chris focuses on securing creative, data-driven environments while enabling collaboration across regions and agencies. He is recognized for managing high-profile security projects, strengthening governance, and ensuring that security scales alongside business growth. Chris combines deep technical expertise with a pragmatic understanding of how security must function within creative and commercial realities, making him a key leader in protecting global marketing ecosystems.
Markus Häbe – CISO / Senior IT Administrator, Digitas Germany
Markus Häbe represents a modern, hands-on CISO profile, combining deep technical expertise with operational leadership. As CISO and Senior IT Administrator at Digitas Germany, he is responsible for securing agency infrastructure while supporting agile, creative workflows.
His career spans IT administration, media, and digital services, supported by certifications in BSI IT-Grundschutz, data protection, Scrum, and enterprise service management. Markus brings a practitioner’s mindset to security, focusing on resilience, compliance, and practical risk reduction rather than theoretical frameworks alone. His progression from technical foundations to security leadership reflects the evolving needs of digital agencies operating in highly regulated European environments.
James Bruce – Business Security Services Director (Business CISO), WPP
James Bruce serves as Business CISO within WPP, overseeing cybersecurity for iconic agencies including Grey, AKQA, VML, and Ogilvy. He directs global security strategy across a $9B organization with 60,000 staff, focusing on outcomes that measurably reduce risk while enabling innovation.
James has deployed AI-driven threat detection, dramatically reduced phishing risk, accelerated vulnerability remediation, and built scalable vendor risk frameworks covering over 1,000 suppliers. Known for building and mentoring high-performing teams, he aligns cybersecurity roadmaps directly to business value, ROI, and creative velocity. His leadership blends technical depth, board-level communication, and a relentless focus on execution that scales globally.
Securing Creativity at Scale
These leaders demonstrate how cybersecurity in advertising and marketing is no longer a back-office function. It is a strategic enabler of trust, innovation, and global collaboration. By embedding security into creative operations, managing complex third-party ecosystems, and translating cyber risk into business language, they are redefining what effective CISO leadership looks like in the marketing world.