Massachusetts’ banking sector spans community banks, regional institutions, global financial firms, and credit unions—all operating within one of the most heavily regulated industries in the country. Cybersecurity leaders in banking must balance regulatory compliance, operational resilience, fraud prevention, and digital transformation while protecting sensitive financial and customer data. From FFIEC alignment to cloud-native SaaS security, these executives shape the risk posture of institutions that underpin economic stability.
Dana Shell — Senior Vice President and Chief Information Security Officer, HarborOne Bank
Dana Shell is an accomplished information security leader with deep expertise in enterprise risk management, audit, privacy, and regulatory frameworks. As Senior Vice President and Chief Information Security Officer at HarborOne Bank, she leverages standards including NIST, SANS CIS, COBIT, and FFIEC to guide structured risk mitigation strategies. Her collaborative approach strengthens security governance while aligning compliance with business objectives in a regulated financial environment.
Sean Croston — Chief Information Security Officer, USAA
Sean Croston brings a holistic enterprise perspective to cybersecurity leadership at USAA, drawing from extensive experience across financial services, investment banking, and the Federal Reserve. With a background as a Supervising Federal Reserve Bank Examiner, he is trusted by boards and executive leadership to implement control frameworks that reduce risk while supporting operational excellence. His strategy integrates regulatory discipline with business partnership across complex financial ecosystems.
James Murphy — Chief Information Security Officer, Rockland Trust
James Murphy is a veteran information security professional with more than three decades of experience in cybersecurity and risk management. As Chief Information Security Officer at Rockland Trust, he leads the development and execution of the bank’s information security program, ensuring protection against internal and external threats. Holding certifications including CISSP, CISA, CISM, and PMP, he brings depth in governance and operational security leadership.
Joshua Neffinger — Senior Vice President and Chief Information Security Officer, Eastern Bank
Joshua Neffinger oversees Eastern Bank’s information security strategy, building on a career that spans IT assurance, regulatory advisory, and financial services security leadership. His background includes penetration testing, vulnerability management, business continuity planning, vendor oversight, and compliance with GLBA and Massachusetts privacy laws. He combines hands-on security expertise with executive oversight to protect banking operations and customer trust.
Timothy Ficarra — Chief Information Security Officer, Data and Platform Solutions, BNY Mellon
Timothy Ficarra leads cloud security engineering, application security, and governance initiatives supporting BNY Mellon’s cloud-native SaaS offerings. Recruited to build and scale dedicated security organizations, he integrates modern tooling into DevOps and software development lifecycles while aligning practices to CIS benchmarks and NIST standards. His leadership emphasizes product security, cultural transformation, and enterprise resilience in large-scale financial technology environments.
B. Raj Sharma — Head of Information Security (Chief Information Security Officer), Northern Bank
- Raj Sharma brings over 17 years of cybersecurity and risk management experience to his role as Head of Information Security at Northern Bank. With hands-on expertise across risk assessment, vendor management, and vulnerability management, he focuses on strengthening institutional controls and maintaining regulatory alignment. His career progression within financial institutions reflects sustained leadership in enterprise security architecture and governance.
Ronald Ryel — Vice President of Information Security and Chief Information Security Officer, BrightBridge Credit Union
Ronald Ryel is a strategic technology executive known for aligning cybersecurity strategy with broader organizational goals. As Vice President of Information Security and Chief Information Security Officer at BrightBridge Credit Union, he drives customer-focused technology initiatives while strengthening institutional resilience. His leadership centers on practical risk reduction and performance optimization within complex financial environments.
Dawn Canales (Krzanik) — Senior Vice President of Information Technology, Chief Information Officer and Chief Information Security Officer, Adams Community Bank
Dawn Canales (Krzanik) leads both IT and cybersecurity at Adams Community Bank, overseeing information security, incident response, project management, and vendor governance. With a background spanning systems architecture, business process improvement, and Lean Six Sigma practices, she integrates operational discipline with cybersecurity strategy. Her leadership reflects a strong emphasis on resilience, continuity planning, and enterprise-wide security alignment.
Securing Financial Stability Through Governance and Innovation
In Massachusetts’ banking industry, cybersecurity leadership directly supports economic trust and institutional stability. These executives demonstrate how rigorous governance frameworks, strategic risk management, and cloud-aware security practices protect financial systems while enabling innovation in digital banking and financial services.
For a broader view of security leadership across finance, see CISOs to Watch in Massachusetts’ Financial Services Industry, highlighting executives securing banks, asset managers, insurers, and fintech platforms.