Minnesota has produced a quietly strong CISO community, particularly in financial services and insurance. The leaders in this feature are based in the Twin Cities metro or built the core of their careers there, and their work spans credit unions, community banking, wealth management, payment technology, title insurance, and one of the most consequential public sector security legacies in the state’s history. The companies they work for are not all Minnesota companies. But the talent is.
Nick Lyles — Senior Vice President and Chief Information Security Officer, TruStone Financial Credit Union
Nick Lyles stepped into the SVP and CISO role at TruStone Financial in February 2026 after spending nearly five years at the same institution as VP of infrastructure and operations and information security officer simultaneously. Before TruStone, he spent more than three years as a senior security analyst at Hiway Federal Credit Union, where his hands-on work spanned vulnerability management, cloud security, endpoint protection, network security, active directory governance, and employee security awareness. His career has been built entirely inside Minnesota’s credit union ecosystem, which means he understands the regulatory environment, the membership model, and the operational constraints of that sector with a depth that transfers directly into how he leads at TruStone.
Chris Mau — Director of Technology and Chief Information Security Officer, Riverbridge Partners
Nearly sixteen years at Riverbridge Partners tell the story here. Chris Mau joined the Minneapolis-based investment management firm as an MIS intern in 2007, progressing through business systems analyst, trading and operations manager, and senior systems analyst before stepping into the combined director of technology and CISO role in January 2024. That trajectory, from intern to security executive inside a single wealth management firm, reflects an institutional fluency that is genuinely rare. In an investment management environment where data confidentiality, regulatory compliance, and operational continuity are foundational to client trust, having a security leader who has spent sixteen years learning how the business actually works is not a minor advantage.
Todd Noble — Chief Information Security Officer, Kensington Bank
Todd Noble has served as CISO at Kensington Bank since July 2018, bringing a background that spans technical IT leadership in Minnesota’s court system, software development at Minnesota State Colleges and Universities, and ERP system administration at the South Dakota Board of Regents. His twenty-year tenure at the Supreme Court of Minnesota, where he progressed from network specialist through IT supervisor, gave him a grounding in compliance, disaster recovery, infrastructure governance, and public accountability that translates directly into community banking security leadership. His role at Kensington Bank extends beyond information security to include physical security, law enforcement liaison, and security audit functions, reflecting the kind of broad security ownership that is common in smaller financial institutions where one leader has to cover considerable ground.
Toby Meyer — Chief Information Security Officer, Celero Commerce
Toby Meyer built his career across two decades of Minneapolis-area technology work before moving into security leadership. His background spans Wells Fargo, where he spent seven years as a lead middleware engineer and assistant VP, consulting engagements at General Mills, ING, Best Buy, and Land O’Lakes, architecture work at RBA Consulting, and a six-year run running his own hybrid cloud infrastructure and security consulting practice before moving into VP and CISO roles at Celero Commerce. That consulting background, covering financial services, retail, and enterprise technology clients across the country, produced a security leader with a practical, architecture-first approach to risk. He now leads information security, software, cloud, and infrastructure architecture at Celero Commerce from St. Paul, applying thirty years of technology experience to a payment technology environment where security is core to the product.
Christopher Buse — Chief Information Security Officer, Old Republic International
Christopher Buse was the first CISO of the State of Minnesota, a role he held for more than a decade after spending nineteen years as IT audit manager at the Minnesota Office of the Legislative Auditor. That public sector arc, from auditor to the architect of Minnesota’s enterprise security program, shaped a security philosophy grounded in accountability, governance, and the kind of rigorous documentation that government environments demand. He holds CPA, CISA, and CISSP certifications, served as president of the Minnesota ISACA chapter, and retired from state government before joining Old Republic Title as CISO in 2020, a role that has since expanded to include Old Republic International. His transition from designing statewide government security architecture to leading security for a major title insurance company reflects a career built on the fundamentals of governance and risk that transfer across sectors.
Lisa Lybeck — Vice President and Chief Information Security Officer, TruStage
Lisa Lybeck has spent more than thirty-one years at TruStage, the insurance and financial services company that grew out of CUNA Mutual Group and serves the credit union community. Her path to the CISO role is one of the more unusual in this feature: she began in electronic funds transfer product management, built the company’s first e-commerce department, created its first usability competency center, led application development, document management, and call center technology functions, and established the first ITIL change management practice spanning all of TruStage’s IT areas, before moving into enterprise architecture and then combining that role with the CISO title in 2016 and stepping into the VP and CISO seat in 2018. Before TruStage, she worked at the St. Paul Police Department in records, research, and development. That combination of law enforcement operations, product management, enterprise architecture, and three decades of institutional knowledge inside a credit union-focused financial services company gives her one of the most distinctive backgrounds in Minnesota’s security community.
Minnesota Security Leadership Built From the Inside Out
What stands out across this group is how many of these leaders built their careers inside the same organizations they now lead from a security perspective. That pattern, of internal progression rather than external recruitment, produces security programs that are grounded in how the business actually operates rather than how a framework says it should. In Minnesota’s financial services and insurance sector, where member trust and regulatory discipline are the foundation of every client relationship, that kind of institutional grounding is not incidental. It is the whole point.
Discover more CISOs securing the financial sector:
- Cybersecurity Leaders to Watch in Tennessee’s Financial Services Industry
- Cybersecurity Leaders to Watch in Nebraska’s Financial Services and Insurance Sector
- Cybersecurity Leaders to Watch in Illinois Financial Services Industry
- CISOs to Watch in Florida’s Financial Services Industry
- CISOs to Watch in Pennsylvania’s Financial Services Industry
