Financial services cybersecurity in Michigan does not all look the same. The CISOs in this feature are securing a wealth management firm, a specialty insurance group, a farm credit institution, a community bank, a credit union serving a major university’s community, and another credit union with a decade of continuous security leadership. The regulatory frameworks, client profiles, and operational risks differ across all of them. What does not differ is the weight of the accountability: these are institutions where a breach is not just a technology failure but a fundamental violation of the trust that financial relationships depend on.
Oliver Krings — Chief Information Officer and Chief Information Security Officer, Greenleaf Trust
Oliver Krings has spent nearly eighteen years at Greenleaf Trust, progressing from CTO through CIO before adding the CISO title in January 2024. That combination of technology and security leadership under one executive is more common in smaller financial institutions, but it requires a particular kind of breadth: the ability to hold strategic technology vision and operational security accountability simultaneously without either function suffering. His background spans infrastructure and systems architecture, business continuity and disaster recovery, compliance, and budget management across a wealth management environment where client confidentiality is not just a regulatory requirement but the foundation of every client relationship.
Julie Mills — Chief Information Security Officer, Credit Union ONE
Julie Mills has served as CISO at Credit Union ONE since February 2015, a tenure of more than a decade that reflects sustained institutional commitment to building security from within rather than cycling through external hires. She scored high enough on a GIAC exam to earn a seat on the GIAC Advisory Board, a meritocracy-based forum for commentary on SANS and GIAC processes that is open only to top performers. She also founded Mills Technology, a practice focused on securing new and growing companies through information security reviews, gap analyses, and program development. That parallel advisory work gives her a window into how smaller organizations approach security that informs her own program leadership at the credit union.
Matthew Cosgrove — Chief Information Security Officer, GreenStone Farm Credit Services
Sixteen years at GreenStone Farm Credit Services and a progression from service desk specialist through client support analyst, system administrator, security administrator, information security manager, and VP of information security before stepping into the CISO role in March 2024 gives Matthew Cosgrove a depth of institutional knowledge that most security executives spend careers trying to approximate. He holds CISSP, GCIH, GMON, and GNFA certifications, reflecting technical depth across incident handling, continuous monitoring, and network forensics. Farm credit institutions occupy a specific regulatory and operational niche, serving agricultural borrowers and rural communities under Farm Credit Administration oversight. Cosgrove has built his entire security career inside that environment, which means he understands its requirements, its seasonal rhythms, and its risk profile in a way that no external hire could replicate quickly.
Aaron Buck — Chief Information Security Officer, H.W. Kaufman Group
Aaron Buck has spent more than fourteen years at H.W. Kaufman Group, an insurance holding company specializing in specialty and surplus lines. He joined as manager of information technology and has progressively taken on greater security and operational responsibility, moving through director, associate VP, corporate VP, and CISO roles over that period. Before H.W. Kaufman, he served as director of IT operations and HIPAA security officer at Genesys PHO in Flint, giving him a regulated healthcare environment foundation that translates directly into the compliance discipline his current role demands. His career reflects a consistent pattern: enter an organization, build trust, take on more, and stay long enough to see the programs mature.
Brian Swaid — First Vice President and Chief Information Security Officer, Independent Bank
Brian Swaid joined Independent Bank as FVP and CISO in November 2023, bringing a Michigan banking career that stretches back more than fifteen years. He spent nearly a decade at Chemical Bank as security architect, manager of information security systems and engineering, and AVP manager of information security services, then moved to Ascension Technologies and later served as VP and information security officer at University Bank before stepping into his current role. His early career included security analysis at IBM Internet Security Systems, giving him a technical foundation in threat detection and network security that precedes his banking tenure. That combination of enterprise security consulting roots and deep Michigan community banking experience gives him a grounded, operationally focused perspective on what financial institution security actually requires day to day.
Erin Landis — Chief Information Security Officer, MSU Federal Credit Union
Erin Landis stepped into the CISO role at MSU Federal Credit Union in April 2025 after nearly eight years at the same institution, progressing from information security analyst through senior analyst, architect, and manager before taking the top security seat. That internal progression reflects a deliberate investment by the organization in developing security talent from within, and it means Landis understands the credit union’s systems, member base, and risk environment with a depth that would take an external hire years to develop. MSU Federal Credit Union serves one of Michigan’s largest university communities, which means its member profile spans students, faculty, staff, and alumni across a demographic range that presents its own specific security and fraud challenges.
Michigan’s Financial Security Leaders Are Closer to the Client Than Most
What distinguishes financial services security from most other sectors is how directly the work connects to individual people’s financial lives. A breach at a community bank or credit union is not an abstract corporate risk event. It is someone’s savings account, mortgage payment, or retirement fund at risk. The leaders in this feature have built their careers understanding that proximity and taking it seriously. Their programs are not designed for auditors. They are designed for the members, clients, and communities their institutions serve.
Discover more Michigan CISOs:
