What happened
BreachRx appointed Stephen Garcia as chief information security officer (CISO). Garcia will lead the company’s internal security program and help shape how the BreachRx platform supports governed, enterprise-wide incident response for complex AI-driven threats.
Garcia brings more than two decades of experience building and leading security programs across multiple industries. His previous leadership roles include positions at Western Union, BNP Paribas, Broadridge Financial, Johnson Controls, ConsenSys, FanDuel, and Napster.
His background spans enterprise security, identity, governance, and incident response situations involving legal, regulatory, operational, and reputational consequences.
BreachRx said cyber incidents have changed, becoming faster, more simultaneous, and increasingly shaped by AI. The company said incident response is no longer only a security-led process. It now spans legal, communications, IT, compliance, executive leadership, and the board.
BreachRx’s platform is designed to establish clear ownership, orchestrate cross-functional workflows, and support defensible decision-making in real time as incidents escalate and evolve.
Garcia said he joined BreachRx because he had faced the same problems other CISOs face and saw the platform as a way to solve them. He said the traditional model of detecting, escalating, convening, deliberating, and responding has too much friction for fast-moving AI-era incidents.
Who is affected
BreachRx customers, internal teams, and organizations using the company’s incident response management platform are directly affected by the appointment.
Security, IT, legal, communications, compliance, executive leadership, and board-level stakeholders may also be affected by how BreachRx continues to develop its platform for enterprise-wide incident response.
Organizations dealing with AI-driven threats and simultaneous incidents are especially relevant to the appointment, as BreachRx is positioning its platform around faster, more coordinated, and more defensible response.
Why CISOs should care
This appointment is relevant because BreachRx operates in cyber incident response management, a function that increasingly requires coordination beyond the security team. The company is emphasizing governed, enterprise-wide response at a time when incidents can move quickly and involve legal, operational, regulatory, reputational, and board-level consequences.
Garcia’s background also aligns with the challenges BreachRx says it is trying to solve. His experience includes enterprise security, identity, governance, and high-pressure incident response across multiple industries.
For CISOs, the broader message is that incident response has become a business-critical operating model, not just a technical process. As AI-driven threats compress decision timelines, organizations need clear ownership, cross-functional workflows, and defensible decision-making before an incident escalates.
3 practical actions
- Review incident response ownership across business functions: BreachRx emphasized that modern incident response now spans security, legal, communications, IT, compliance, executive leadership, and the board. CISOs should confirm who owns decisions across each function before a major incident occurs.
- Reduce friction in incident escalation and decision-making: Garcia said the traditional model of detecting, escalating, convening, deliberating, and responding has too much friction for AI-era incidents. Security leaders should review where response delays occur and define faster paths for escalation, approval, and action.
- Prepare for simultaneous AI-driven incidents: BreachRx said cyber incidents are becoming faster, more simultaneous, and increasingly shaped by AI. CISOs should test whether current playbooks can handle multiple incidents at once while maintaining coordination, accountability, and defensible decisions.
John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.