Virginia’s healthcare sector encompasses major hospital systems, academic medical centers, community health organizations, and digital health platforms serving millions of patients across the state. As clinical systems become increasingly connected and patient data more valuable to threat actors, cybersecurity leaders in this industry carry the dual responsibility of protecting sensitive medical information while ensuring uninterrupted care delivery.
The professionals below represent cybersecurity leadership helping shape security strategy across Virginia’s hospitals and healthcare industry.
Brady Miller — Chief Information Security Officer, Carilion Clinic
Brady Miller serves as Chief Information Security Officer at Carilion Clinic, where he leads cybersecurity operations, risk management, and incident response for one of Virginia’s largest integrated health systems. With more than 20 years of experience in information security, he focuses on aligning security strategy with organizational objectives while building a culture of security awareness and resilience across clinical and administrative environments.
Bob Flores — Virtual Chief Information Security Officer, Thesus Health
Bob Flores serves as Virtual Chief Information Security Officer at Thesus Health, bringing executive-level cybersecurity and enterprise architecture expertise to the organization. A former Chief Technology Officer in the U.S. Intelligence Community, he draws on deep experience in security assessments, cloud migration strategy, and special communications to help healthcare organizations strengthen their security posture and governance frameworks.
Jason Alexander — Vice President & Chief Information Security Officer, VCU Health
Jason Alexander serves as Vice President and Chief Information Security Officer at VCU Health, where he leads information security strategy for a major academic health system. With 24 years of experience spanning healthcare, retail, academia, and military sectors, he has a proven record of building and transforming security programs while advising executive leadership and boards of directors on risk, compliance, and emerging cyber challenges.
Tracy Griffin — Chief Information Security Officer, Bon Secours Mercy Health
Tracy Griffin serves as Chief Information Security Officer at Bon Secours Mercy Health, where she leads enterprise cybersecurity strategy for one of the nation’s largest Catholic health systems. She brings more than 15 years of progressive security leadership within the Bon Secours organization, with deep expertise in information security risk management, compliance, and privacy developed through roles spanning application audit, risk assurance, and health information management.
Greg Thompson — Chief Information Security Officer, VHC Health
Greg Thompson serves as Chief Information Security Officer at VHC Health, where he leads efforts to integrate cybersecurity principles with business operations across the organization. His work spans threat assessment, risk management, and security innovation, with a focus on building organizational resilience, fostering a culture of security awareness, and leveraging AI-driven insights to support cross-functional collaboration and strategic alignment.
Mark Beckmeyer — Chief Information Security Officer, Paradigm Health
Mark Beckmeyer serves as Chief Information Security Officer at Paradigm Health, where he leads cybersecurity strategy for the Poquoson-based healthcare organization. He brings more than two decades of security leadership across healthcare technology firms including Binary Fountain, Rally Health, and Zingtree, with experience spanning IT security, privacy, and security consulting roles at organizations including Verizon Enterprise Solutions and TEKsystems.
Zishan Siddiqui — Chief Information Security Officer, Sentara Health
Zishan Siddiqui serves as Chief Information Security Officer at Sentara Health, where he leads enterprise cybersecurity strategy for one of the Mid-Atlantic’s largest integrated health systems. Before joining Sentara, he spent more than a decade at GE Healthcare, where he served as Vice President of Cybersecurity with global responsibility for privacy, security governance, and compliance across the organization’s customer-facing operations.
Cybersecurity Leadership Across Virginia’s Healthcare Ecosystem
Virginia’s healthcare organizations face some of the most demanding cybersecurity challenges of any industry, where protecting patient data and maintaining compliance must never come at the expense of clinical continuity. The leaders featured here are helping shape how the state’s hospitals and health systems manage risk, respond to threats, and build security programs capable of keeping pace with an evolving digital health landscape.
Healthcare organizations increasingly rely on technology partners and managed service providers to support their security operations. Explore how security leaders protect those platforms in CISOs to Watch in Virginia’s Information Technology Industry.