Illinois’ healthcare sector includes some of the country’s most complex operating environments, spanning academic medical centers, community health systems, pediatric hospitals, and large multi-entity care networks. The cybersecurity leaders in this feature reflect that breadth. Their backgrounds cover privacy, infrastructure, governance, incident response, regulatory compliance, enterprise risk, and the day-to-day challenge of protecting organizations where operational resilience and patient trust are inseparable.
Brian Griffin — Chief Information Security Executive, Northwestern Medicine
Brian Griffin serves as chief information security executive at Northwestern Medicine, where he sits at the intersection of security leadership, infrastructure, and long-running operational technology oversight inside one of Illinois’ most prominent healthcare organizations. His career at Northwestern and affiliated entities shows a leader who rose through technical support, operations, and systems leadership before taking on the top security role. That progression matters in a healthcare environment where cybersecurity cannot be separated from uptime, clinical continuity, and the operational realities of a large provider network.
Karen Habercoss — Chief Information Security and Privacy Officer, UChicago Medicine
Karen Habercoss is chief information security and privacy officer at UChicago Medicine, where she leads security and privacy for a complex academic, research, and clinical health system. Her profile stands out for combining cybersecurity and privacy leadership with a strong regulatory and human-behavior lens, supported by certifications spanning security, privacy, healthcare compliance, and AI governance. Before moving into the combined security and privacy role, she served as chief privacy officer and deputy privacy officer at UChicago Medicine, giving her a deep grounding in how healthcare institutions manage risk across patient data, compliance, and enterprise operations. That blend of privacy, governance, and executive communication makes her especially notable in a sector where security leadership increasingly has to account for legal, clinical, research, and behavioral dimensions all at once.
Murad Dikeidek — Head of Cybersecurity, UI Health
Murad Dikeidek leads cybersecurity at the University of Illinois Hospital & Health Sciences System, bringing more than two decades in IT and more than a decade of hands-on security experience inside the same institution. His background shows long-term progression through infrastructure, engineering, and information security roles, which gives him a grounded understanding of how to build and mature programs inside a high-stakes healthcare setting. In addition to his work at UI Health, he has also taught cybersecurity and networking, reflecting a leader who combines technical depth with an emphasis on education and capability building. That mix is especially relevant in hospital environments where durable security often depends as much on culture and internal development as on tooling.
Owais Haleem — Director, Information Security & Network, Sinai Chicago
Owais Haleem is director of information security and network at Sinai Chicago, where he is responsible for a broad enterprise remit spanning cybersecurity, network operations, governance, risk, compliance, and IT risk management across multiple hospitals, medical groups, institutes, and specialty care entities. His background combines healthcare security leadership with prior enterprise security work at U.S. Cellular and compliance leadership at the City of Chicago, giving him exposure to both regulated private-sector environments and large-scale public-sector governance. That combination of network, security, compliance, and multi-entity operational oversight makes him a strong example of the kind of leader healthcare systems increasingly rely on as cyber risk touches every layer of care delivery.
Aaron DeSpain — Chief Information Security Officer, Ann & Robert H. Lurie Children’s Hospital of Chicago
Aaron DeSpain is chief information security officer at Ann & Robert H. Lurie Children’s Hospital of Chicago, where he leads enterprise cybersecurity, risk management, and regulatory compliance for a nationally ranked pediatric academic medical center. His recent move into the role follows CISO leadership at Cedar Gate Technologies and earlier security leadership at Hoag Health System, where he built out core capabilities including a 24/7 security operations center and an enterprise-wide cyber risk program. Earlier still, he spent more than a decade at Kaiser Permanente in incident response, forensics, investigations, and cyber threat intelligence, experience that gives him a strong operational grounding in high-impact security environments. That mix of healthcare delivery, SaaS, and incident-focused leadership makes him particularly well suited for a pediatric hospital environment where resilience and trust are mission-critical.
Chintal Parikh — Vice President, IT & Security, Innovista Health
Chintal Parikh is vice president of IT and security at Innovista Health, where he leads enterprise infrastructure, cybersecurity, and modernization efforts across a multi-state healthcare network. His profile points to a transformation-oriented executive with a strong track record in cloud migration, post-M&A integration, ERP and EHR modernization, and cost-conscious operational improvement. Before Innovista, he held senior technology roles at Claire’s, R1 RCM, Adtalem, and Motorola, giving him experience across both healthcare-adjacent and large-scale enterprise environments. That broader enterprise background is useful in healthcare, where security leaders increasingly need to connect technical modernization with business scale, financial discipline, and operational continuity.
Shawn David — Vice President, Information Technology and Information Security, Crusader Community Health
Shawn David serves as vice president of information technology and information security at Crusader Community Health, bringing extensive healthcare leadership experience built over a long progression from network administrator to executive technology and security roles. His background includes CTO and CISO responsibilities at Rockford Health System, where he oversaw large-scale infrastructure, security, disaster recovery, compliance, and post-merger systems consolidation across hospitals and clinics. He also held interim executive roles at South Shore Health, City of Hope, and In Home Medical Group, pointing to a leader trusted to step into complex environments and improve technology maturity, resilience, and operational alignment. That history of combining strategic leadership with practical execution is especially relevant in healthcare organizations balancing security, uptime, cost control, and patient-facing transformation.
Where Illinois healthcare security leadership is showing up
What stands out across this group is the range of paths into healthcare cybersecurity leadership. Some came up through infrastructure and operations, others through privacy, governance, investigations, or enterprise transformation. Together, they show how healthcare security in Illinois is being shaped not by one single archetype, but by leaders who understand that protecting modern care environments means securing clinical operations, patient data, regulatory posture, and institutional resilience all at once.
Explore more profiles of the leaders shaping cybersecurity across numerous industries in our CISOs to Watch collection.