The Australian healthcare sector has never faced more scrutiny on its cyber defenses. With hospitals, health networks, and digital health platforms under constant threat from ransomware, phishing, and data breaches, the role of cybersecurity leaders has never been more critical. As healthcare systems embrace digital transformation, from patient records to connected medical devices, the ability to protect sensitive data while enabling innovation has become a defining factor in the resilience of hospitals and healthcare providers.
In this landscape, a new generation of CISOs and security leaders is stepping forward to define the future of healthcare cybersecurity. These individuals are not only safeguarding infrastructure but also shaping strategy, governance, and risk management frameworks that affect millions of patients. Some hold formal CISO titles, while others serve in senior security leadership roles, all united by a commitment to strengthening Australia’s healthcare ecosystem.
Vijay Narayan — Chief Information Security Officer, Mercy Health Australia
Vijay Narayan brings a wealth of expertise in information security risk management across government, financial services, and consulting sectors. At Mercy Health Australia, he leads efforts in IT risk management, security operations, incident management, and network security architecture. With certifications including SABSA, CRISC, CISM, CISSP, and ISO 27001, Vijay has successfully steered organizations toward ISO 27001 certification and ensured compliance with PCI DSS and Australian regulatory frameworks. His hands-on experience in audits, strategy, and policy framework development positions him as a transformative leader in healthcare cybersecurity.
Varun Acharya — Chief Information Security Officer, Healthscope
Varun Acharya has spent nearly five years strengthening Healthscope’s cybersecurity posture, overseeing enterprise-wide risk management and governance for one of Australia’s largest hospital networks. Under his leadership, Healthscope has fortified digital infrastructure and developed security strategies that align with modern regulatory standards, ensuring patient data protection and operational continuity.
Danielle Pentony — Chief Information Security Officer, Australian Digital Health Agency
Danielle Pentony leads the Cyber Security Branch at the Australian Digital Health Agency, driving national efforts to create a connected, secure healthcare system. With over 18 years in technology and cybersecurity, she has managed global teams, implemented robust security programs, and advocated for equity and access in digital health. Danielle is also a mentor and champion for women in cybersecurity, emphasizing leadership, innovation, and collaboration across healthcare, government, and industry.
Manal al-Sharif — Chief Information Security Officer, Ramsay Health Care
Manal al-Sharif recently assumed the role of CISO at Ramsay Health Care, where she oversees cybersecurity strategy for one of Australia’s largest private hospital networks. Her focus on operational resilience, risk management, and compliance ensures that Ramsay’s hospitals and clinics remain secure amidst an evolving threat landscape.
Peter Croll — CISO, NSW Health
Peter Croll leads cybersecurity for NSW Health, covering a major public hospital network. His work focuses on protecting critical healthcare infrastructure, implementing risk management frameworks, and strengthening incident response capabilities across the state’s hospitals and health services.
David Lang — Chief Information Security Officer, Australian Government Department of Health and Aged Care
David Lang serves as CISO for the Department of Health and Aged Care, spearheading the national cybersecurity strategy for government health systems. His role includes ensuring regulatory compliance, overseeing risk management initiatives, and guiding protective measures for Australia’s public health data.
Vishwanath Nair — GM Cyber & IT Risk, BaptistCare
With over 20 years of international experience, Vishwanath Nair now leads cyber and IT risk at BaptistCare. His expertise spans risk management, business continuity, and governance, and he has a proven track record in orchestrating cyber enhancements and IT responses during emergencies, reinforcing organizational resilience.
Mitra Minai — Global Cyber Health Leader, Accenture
Mitra Minai focuses on cybersecurity strategy and digital transformation in healthcare globally. Through her work at Accenture and as a Digital Governance Committee Member at Uniting AgeWell, she develops forward-looking cyber-resilient strategies that protect digital health systems while fostering innovation and secure service delivery.
Roshan Fernandes — Information Security and Risk Manager, Sydney Children’s Hospitals Network
Roshan Fernandes oversees governance, risk, and compliance at the Sydney Children’s Hospitals Network, Australia’s largest pediatric healthcare system. She leads initiatives to improve cyber resilience, cultivate staff awareness, and advance the network’s cyber maturity framework, safeguarding critical healthcare services for children across the region.
Grant Lockwood — Former CISO, Virtus Health / Health Sector CISO, Victorian Department of Health
Grant Lockwood has held leadership roles spanning Virtus Health and the Victorian Department of Health. With experience in statewide hospital security strategy and private health-sector cybersecurity, Grant is recognized for developing governance frameworks and risk-mitigation programs that bridge public and private healthcare systems.
Luke Johnson — Deputy Chief Information Security Officer, Victorian Department of Health
Luke Johnson supports cybersecurity operations and strategic initiatives across Victoria’s public health system. His work focuses on securing hospital networks, supporting operational resilience, and contributing to state-level health cybersecurity strategies.
Tristan Lawrence — Head of Cybersecurity, Monash Health
Tristan Lawrence leads cybersecurity for Monash Health, Victoria’s largest health service. He has built efficient cybersecurity teams, automated digital processes, and reformed governance structures to enable both operational security and innovation in digital healthcare, contributing to the state’s broader cybersecurity strategy.
Driving the Future of Healthcare Cybersecurity
Australia’s healthcare system is only as strong as the cybersecurity leadership guiding it. These leaders represent the next frontier in protecting patient data, securing hospital networks, and enabling innovation across the sector. From public hospital networks to private health providers and national digital health initiatives, their expertise and vision are safeguarding Australia’s healthcare future, one policy, one system, and one patient record at a time.