North Carolina’s healthcare sector depends on cybersecurity leaders who can protect patient data, ensure clinical continuity, and support innovation across hospital systems, digital health platforms, and medical technology providers. The executives in this group reflect the breadth of cybersecurity leadership shaping healthcare across the state, from major health systems and academic institutions to telehealth and healthtech companies.
Todd Greene — SVP & CISO, Advocate Health
Todd Greene leads cybersecurity at Advocate Health, one of the largest health systems in the United States. His career spans more than two decades within the same healthcare ecosystem, evolving from hands-on security roles into executive leadership overseeing enterprise-wide security strategy.
That long tenure gives him deep institutional knowledge across clinical systems, compliance frameworks like HIPAA and PCI, and the operational realities of healthcare delivery. His leadership reflects a steady progression from technical execution to governance and enterprise risk management, making him a foundational figure in North Carolina’s healthcare cybersecurity landscape.
Henry Capello — VP & CISO, Dentsply Sirona
Henry Capello serves as CISO at Dentsply Sirona, where he leads global cybersecurity strategy across operations spanning more than 120 countries. While the company sits at the intersection of healthcare and manufacturing, his role directly impacts patient safety, product integrity, and regulatory compliance in the dental and medical technology space.
He is known for aligning cybersecurity with business outcomes, integrating IT and OT environments, and advancing AI-driven security capabilities. His leadership combines enterprise-scale transformation with measurable operational improvements, positioning him as a key figure in healthcare-adjacent cybersecurity within North Carolina.
Randy Arvay — CTO & CISO, Duke University Health System
Randy Arvay leads both technology and cybersecurity strategy at Duke University Health System, one of the nation’s leading academic medical institutions. His remit spans enterprise infrastructure, cloud platforms, research computing, and cybersecurity across a highly complex environment that blends clinical care, biomedical research, and education.
His background includes multiple CISO roles within academic health systems, giving him deep expertise in managing cyber risk in research-intensive environments. In addition to his executive responsibilities, he contributes to cybersecurity education as an adjunct faculty member, reinforcing his role in shaping both current and future healthcare security practices.
Tony Belthrop — CISO, MD Live by Evernorth
Tony Belthrop leads cybersecurity at MD Live by Evernorth, a major telehealth platform, where he focuses on securing digital care delivery and protecting sensitive patient data in a rapidly evolving virtual healthcare environment.
With more than 20 years of experience, he brings a business-first approach to cybersecurity, emphasizing risk management, regulatory compliance, and organizational transformation. His work reflects the growing importance of cybersecurity in telehealth, where security must scale alongside accessibility and patient engagement.
George G. McBride — CISO, Lumexa Imaging
George G. McBride oversees cybersecurity at Lumexa Imaging, where he is responsible for protecting patient data, ensuring regulatory compliance, and managing risk across imaging and diagnostic systems. His role covers a wide range of functions, from incident response and vulnerability management to third-party risk and cloud security.
With over 20 years of experience, he brings a strong operational foundation in building and maturing cybersecurity programmes. His focus on enabling business operations within a risk-balanced framework reflects the realities of healthcare environments where uptime, compliance, and security must all align.
David Hoover — CISO, Validic
David Hoover leads information security at Validic, a digital health platform focused on integrating and managing healthcare data. His role centers on building and maintaining security and privacy programmes that support healthcare data exchange while meeting stringent regulatory requirements.
His experience spans government, academia, and private sector environments, giving him a broad perspective on security challenges across different types of organisations. At Validic, he has led efforts toward certifications such as ISO 27001 and HITRUST, reinforcing the company’s position in secure health data infrastructure.
Securing the Future of Healthcare in North Carolina
From major health systems and academic institutions to telehealth and digital health platforms, North Carolina’s healthcare cybersecurity leaders are shaping how patient data, clinical systems, and innovation are protected at scale. Their work highlights the growing role of cybersecurity as a core pillar of modern healthcare delivery.
Discover more cybersecurity leaders making a mark in various industries through our CISOs to Watch features.