Iowa’s financial and insurance sectors rely on cybersecurity leaders who can protect sensitive data, support regulatory compliance, and strengthen resilience in organizations where trust is central to the business. The people in this feature reflect that responsibility across insurance carriers, health insurers, retirement and financial services firms, and adjacent risk-driven businesses. Their backgrounds span information security leadership, governance, cloud and identity strategy, secure software, and the long-term work of maturing cyber programs inside highly regulated environments.
Jordan Lightfoot — Chief Information Security Officer, American Equity
At American Equity, Jordan Lightfoot has progressed from team lead in information security to information security manager and now chief information security officer, giving him a strong internal track record within one of Iowa’s insurance-related financial organizations. Before American Equity, he worked as an information security specialist at D+H and began his career with Harland Financial Solutions, building a foundation in financial technology and security operations. That progression makes him a notable example of a leader who has grown with the business while helping shape its security direction from within.
Andy Neller — Deputy Chief Information Security Officer, Wellmark Blue Cross and Blue Shield
Andy Neller serves as deputy chief information security officer at Wellmark Blue Cross and Blue Shield, where his tenure stretches back more than two decades across security leadership roles tied to operations, risk, and security oversight. His profile highlights deep experience in helping regulated organizations navigate cloud transition, governance, and security program development, supported by certifications including CISSP, C|CISO, CRISC, and CCE. With long-standing responsibility inside one of Iowa’s best-known health insurance organizations, Neller represents a steady senior presence in the state’s financial and insurance cyber leadership landscape.
Eric Svalstad — Deputy Chief Information Security Officer, Transamerica
At Transamerica, Eric Svalstad serves as deputy chief information security officer after a long career across Aegon and Transamerica technology leadership roles that included business information security, identity and access management, IT leadership, and operations. His experience spans more than two decades inside a major financial services environment, giving him a strong mix of enterprise technology depth and security leadership maturity. That background, especially his leadership in identity and access management and broader corporate technology functions, gives him a meaningful role in shaping cybersecurity at one of Iowa’s major financial brands.
Joseph Peppers — Chief Information Security Officer, ClaimDOC
Joseph Peppers became chief information security officer at ClaimDOC in 2026 after building much of his security career at Principal Financial Group, where he advanced through analyst and engineering roles into senior-level information security engineering positions. His profile reflects a strong emphasis on secure software, threat modeling, vulnerability management, architecture reviews, and the implementation of tools such as SAST, SCA, DAST, IAST, RASP, OAST, and secrets management. With a master’s degree focused on security and information assurance and experience teaching at Des Moines Area Community College, Peppers brings both technical depth and security leadership perspective to Iowa’s financial and insurance ecosystem.
Curtis Seitz — Director of Information Security, Openly
At Openly, Curtis Seitz serves as director of information security after previously holding senior information security leadership roles at Businessolver and earlier systems and security engineering positions at Kum & Go, Greater Regional Medical Center, CBE, and the University of Northern Iowa. His background combines cloud, hybrid, and on-premise security work with experience in security strategy, audits, incident response, and stakeholder alignment. That breadth gives him a useful cross-sector lens, but his current role in insurtech makes him especially relevant to any look at Iowa’s rising cybersecurity leaders in financial and insurance-adjacent markets.
Andrew Laffey — Director Information Security, Wellabe
Andrew Laffey is director of information security at Wellabe, where he has built a long career through successive roles including systems analyst, systems security analyst, information security manager, and now director. That internal progression reflects deep institutional experience and a sustained focus on infrastructure, incident response, and enterprise security in an insurance setting. His long tenure at the organization makes him a strong example of the kind of cybersecurity leader who helps shape security maturity over time rather than arriving only at the executive stage.
Why cyber leadership matters in Iowa’s regulated economy
What stands out across this group is how closely cybersecurity in Iowa’s financial and insurance sectors is tied to operational trust, compliance, and long-term program maturity. These leaders are not just managing technical controls. They are helping shape how institutions protect customer data, support business growth, and stay resilient in environments where security failures can quickly become business failures.
Explore more profiles of the leaders shaping cybersecurity across numerous industries in our CISOs to Watch collection.