Few industries present a more complex cybersecurity challenge than automotive. The modern vehicle is a networked platform. The manufacturing floor is a convergence of IT and operational technology. The supply chain spans dozens of countries and thousands of vendors. And the competitive pressure to digitize, electrify, and connect everything runs directly against the security instinct to contain, control, and limit exposure. The leaders in this feature are navigating all of that, at some of the most recognizable names in the global automotive industry.
Michael Hanley — Vice President and Chief Information Security Officer, General Motors
Before joining General Motors as VP and CISO in December 2024, Michael Hanley served as chief security officer and later CTO at GitHub, where he led all engineering and security functions for one of the world’s most widely used software development platforms. Before GitHub, he was VP of security at Duo Security, building and leading its security research, development, and operations functions before Cisco acquired Duo for $2.35 billion in 2018. At Cisco, he led the transformation of the company’s cloud security framework and served as CISO. Earlier in his career, he spent years at CERT/CC as a senior technical staff member conducting applied R&D for the Department of Defense and the Intelligence Community. That trajectory, from national security research through product security, cloud security transformation, and platform engineering leadership, gives him one of the more technically grounded profiles of any automotive CISO in the country.
Russ Gordon — Vice President and Chief Information Security Officer, Adient
Russ Gordon stepped into the VP and CISO role at Adient in February 2026, bringing a career built almost entirely inside the automotive supply chain. He spent more than eleven years at BorgWarner leading global IT risk and security, then served as CISO at PHINIA from its spinoff in 2023 through early 2026. Before BorgWarner, he spent six years at Federal-Mogul leading global information protection and compliance. That unbroken thread through automotive components, from Federal-Mogul through BorgWarner through PHINIA to Adient, reflects a depth of sector-specific security knowledge that is difficult to develop any other way. He knows the vendor ecosystems, the compliance frameworks, and the operational realities of securing global automotive manufacturing at scale.
Doug Chubb — Vice President and Chief Information Security Officer, Lear Corporation
Doug Chubb moved into the CISO role at Lear Corporation in June 2022 after joining the company as director of information technology the previous year, a transition that reflects a deliberate shift from broad IT leadership into focused security ownership. Before Lear, he served as senior director of information technology at IAC Group, another automotive interiors supplier, giving him direct supply chain adjacency to the environments he now secures. His background spans automotive, banking, and distribution, and his approach to security is grounded in the practicalities of designing, building, and managing global IT systems across industries where downtime is measured in production units, not just dollars.
Michael Bennett — Chief Information Security Officer and Chief Privacy Officer, Nexteer Automotive
Michael Bennett has spent twenty-six years at Nexteer Automotive, starting as an IT co-op and progressing through web developer, systems analyst, Microsoft platform manager, and senior IT analyst before stepping into the combined CISO and CPO role in January 2024. That internal progression is unusual in security leadership, where most executives arrive from outside. Bennett’s advantage is exactly what his background implies: he understands how Nexteer’s systems were built, how they have evolved, and how people across the organization actually use them. His master’s degree in communication and media studies from Saginaw Valley State University informs a leadership style centered on translating complex risk into language that resonates across technical and non-technical stakeholders alike.
Derek Harper — Global Chief Information Security Officer, Forvia
Derek Harper spent nearly a decade as CIO for Faurecia’s North American operations before stepping into the global CISO role at Forvia in February 2026 following the company’s rebranding. Before Faurecia, he spent more than fifteen years at General Motors, progressing from senior controls engineer and engineering manager through plant IT manager, regional plant IT manager, global IT deployment manager, and IT group manager with direct responsibility for IT operations at nine GM manufacturing facilities and oversight of more than 150 IT professionals. That operational technology and manufacturing floor background is not decorative. It is the foundation from which he now approaches cybersecurity across a global automotive components supplier with a footprint spanning dozens of countries. Few CISOs in the automotive sector have spent as many years as close to the production environment as Harper has.
What Michigan’s Automotive Security Leaders Reflect
The automotive industry is not just digitizing. It is fundamentally restructuring around software, connectivity, and electrification, which means the security challenge is restructuring too. The leaders in this feature are not managing a static risk environment. They are securing organizations in motion, where the attack surface is expanding, the supply chain is increasingly software-defined, and the consequences of a significant breach extend from factory floors to vehicle safety. Michigan’s automotive security bench is meeting that challenge with leaders who understand the industry from the inside out.
Discover more CISOs securing the automotive industry in various locations: