New York’s health and wellness sector spans academic medical centers, public health agencies, research institutions, community hospitals, and global healthcare enterprises. Security leaders in this industry operate in one of the most highly regulated and mission-critical environments in the economy—where patient safety, clinical continuity, research integrity, and data privacy converge. The CISOs below exemplify how cybersecurity enables care delivery, innovation, and trust.
Igor Gorelik — Chief Information Security Officer, SUNY Downstate Medical Center
Igor Gorelik brings more than two decades of information technology and security leadership experience across healthcare, higher education, finance, and the public sector. As Chief Information Security Officer at SUNY Downstate Medical Center, he leads enterprise security policy, governance, and operational risk management for a major academic medical institution. His background in city agencies and financial services strengthens his ability to manage regulatory obligations while protecting sensitive clinical and research data.
Bill McKinley — Chief Information Security Officer, Chorus Innovations
Bill McKinley is a mission-driven security executive focused on building mature, risk-based programs. As Chief Information Security Officer at Chorus Innovations, he leads governance, compliance, and cloud security initiatives aligned with frameworks such as NIST and CIS. His expertise spans first- and third-party risk management, incident response, and board reporting—supporting digital health platforms that must balance rapid innovation with strong regulatory controls.
Michael Czumak — Chief Information Security Officer, Memorial Sloan Kettering Cancer Center
Michael Czumak serves as the inaugural Chief Information Security Officer at Memorial Sloan Kettering Cancer Center, where he built and matured a comprehensive enterprise security program from the ground up. He oversees cybersecurity strategy for a complex ecosystem that includes hospitals, laboratories, research institutions, and educational facilities. His leadership includes hybrid cloud transformation, identity and access modernization, ransomware defense planning, and alignment with HIPAA, NIST, ISO, and other regulatory frameworks—ensuring that security supports both patient care and scientific advancement.
Alexander Grijalva — Chief Information Security Officer, VillageCare
Alexander Grijalva leads enterprise information security at VillageCare, overseeing governance, privacy, security operations, and third-party risk management. With deep knowledge of HIPAA, HITRUST, NYS DFS 500, and NIST standards, he has modernized cloud security stacks and established 24/7 monitoring capabilities. His work reflects a strong focus on data governance and AI oversight in healthcare environments where compliance and patient trust are paramount.
Eric Witherell — Chief Information Security Officer, Catholic Health
Eric Witherell brings twenty years of security leadership experience, with expertise in building and maturing enterprise security programs. At Catholic Health, he focuses on prevention and detection strategies aligned with real-world threat tactics. His leadership emphasizes people, operational discipline, and practical defense models designed to protect clinical systems and sensitive healthcare data in high-availability environments.
Thurain Nyunt — Chief Information Security Officer, New York State Department of Health
Thurain Nyunt serves as Chief Information Security Officer for the New York State Department of Health, bringing a strong background in cyber audit, compliance, and public sector governance. Previously recognized for innovative use of data analytics in government cybersecurity oversight, he applies structured audit and risk methodologies to safeguard statewide health systems and public health data infrastructure.
Jason Van Cleve — Chief Information Security Officer, Niagara Falls Memorial Medical Center
Jason Van Cleve leads cybersecurity program development at Niagara Falls Memorial Medical Center. With a foundation in network engineering and healthcare infrastructure, he focuses on strengthening defenses in hospital environments where uptime and patient safety are critical. His hands-on background informs practical, resilient security architectures for community healthcare systems.
Alan Rosa — Chief Information Security Officer and Senior Vice President of Infrastructure, CVS Health
Alan Rosa is a Fortune-scale technology executive serving as Chief Information Security Officer and Senior Vice President responsible for Infrastructure and Technical Operations at CVS Health. He leads thousands of technologists and oversees large-scale cloud, network, and automation initiatives supporting a global healthcare enterprise. His leadership integrates artificial intelligence, zero trust security, and enterprise resilience—aligning cybersecurity with board-level governance, operational continuity, and customer trust.
Protecting Patient Trust and Public Health at Scale
Cybersecurity in health and wellness is inseparable from human safety. Whether safeguarding clinical systems, research data, public health infrastructure, or digital consumer platforms, these leaders demonstrate how modern security programs enable care delivery while maintaining compliance and resilience. In an industry where downtime can affect lives, cybersecurity is not merely a technical function—it is a foundational component of patient trust and institutional integrity.
Explore additional industry spotlights across New York’s cybersecurity landscape in Cybersecurity Leaders to Watch in the State of New York’s Nonprofit Sector.