Alabama’s cybersecurity leadership bench spans healthcare, insurance, legal services, higher education, government, aerospace, and enterprise technology. The people in this feature are leading security programs inside hospitals, universities, cities, financial institutions, law firms, and mission-driven organizations where resilience, governance, and risk management directly affect operations. Together, they reflect how broad and mature Alabama’s cyber leadership ecosystem has become.
Ryan Allen — Chief Information Security Officer, University of Alabama at Birmingham Health System
Ryan Allen is Chief Information Security Officer at the University of Alabama at Birmingham Health System, where he leads cybersecurity in one of the state’s most important healthcare environments. Before that, he served as Chief Information Security Officer for the State of Alabama and earlier held senior IT leadership roles at Children’s of Alabama and UAB, where he built formal security teams, led major infrastructure modernization efforts, and managed compliance across large healthcare and research environments. His background gives him deep experience across both public-sector and healthcare cybersecurity in Alabama.
Justin Allen — Chief Information Security Officer, Protective Life
Justin Allen is Chief Information Security Officer at Protective Life, bringing a background that combines cloud security, security operations, audit, governance, and enterprise risk management. Before joining Protective Life, he led cloud security engineering and attack surface reduction efforts at U.S. Bank, directed security operations at BBVA in the USA, and earlier worked in technology risk and governance at the Federal Reserve Bank of New York and Raymond James. His career reflects a strong mix of operational security leadership and financial-sector control expertise.
Tim Searcy — Chief Information Security Officer, Baker Donelson
Tim Searcy is Chief Information Security Officer at Baker Donelson and previously spent more than sixteen years as VP and CISO at Protective Life. His experience covers the full breadth of enterprise security leadership, including strategic planning, policy and standards, identity and access management, risk assessment, network security architecture, security awareness, incident response, business continuity, disaster recovery, and regulatory compliance. With prior roles at SouthTrust and AmSouth as well, he brings one of the longest-running security leadership track records in Alabama’s financial and legal sectors.
David Patton — Chief Information Security Officer, City of Huntsville
David Patton is Chief Information Security Officer for the City of Huntsville, where he leads cybersecurity for one of Alabama’s most important technology and defense-adjacent cities. He previously served as Information Systems Security Officer for the city and earlier held leadership roles focused on information assurance, compliance, and consulting. His work has included experience across frameworks and regulatory environments such as NIST, DFARS, GDPR, FFIEC, and HIPAA, giving him a broad operational view of municipal and enterprise security needs.
Brian Rasco — Chief Information Security Officer and Assistant Chief Information Officer, Samford University
Brian Rasco is Chief Information Security Officer and Assistant Chief Information Officer at Samford University, following security leadership roles at SCA Health, UAB Medicine, Blue Cross and Blue Shield of Alabama, and Protective Life. His background spans healthcare, insurance, higher education, and financial services, with experience in information security program leadership, risk and compliance, identity and access management, and security awareness. That cross-sector experience makes him a notable figure in Alabama’s cybersecurity community, especially across Birmingham-based institutions.
Alex Ryals — Chief Information Security Officer and SVP of Solutions, MicroAge
Alex Ryals is Chief Information Security Officer and SVP of Solutions at MicroAge, where he combines internal cybersecurity and IT leadership with external responsibility for solution architecture and delivery across cybersecurity, Microsoft, data, AI, and services. Earlier in his career, he held senior cybersecurity and channel leadership roles at Ping Identity, TD SYNNEX, Tech Data, Avnet, and Pepperweed Consulting. His profile stands out for blending hands-on security leadership with deep experience scaling cybersecurity solutions through large partner and enterprise ecosystems.
Tim Fiedorowicz — Chief Information Security Officer, NASA Marshall Space Flight Center
Tim Fiedorowicz is CISO at NASA Marshall Space Flight Center, where he leads cybersecurity and privacy programs tied to mission systems, enterprise applications, and platform services. His background includes earlier cyber leadership roles within NASA-related environments through SAIC, as well as offensive security, engineering automation, and security operations leadership at Fifth Third Bank. His work spans DevSecOps, application security, cloud security, compliance, risk management, and mission support, placing him at the intersection of aerospace, government, and enterprise cyber leadership in Alabama.
Joseph Hall Jr. — Chief Information Officer and Information Security Manager, Civil Air Patrol
Joseph Hall Jr. serves as Chief Information Officer and Information Security Manager for Civil Air Patrol, where he helps shape enterprise IT strategy, governance, digital transformation, and security for an organization serving tens of thousands of members nationwide. Over many years with the organization, he has helped mature its IT governance model, led cloud and infrastructure planning, strengthened risk management, and supported security strategy using frameworks such as COBIT and NIST. His role is notable for combining CIO-level transformation leadership with direct information security oversight.
Alabama’s Cyber Leadership Depth
What stands out about Alabama’s cyber leadership landscape is its range. These leaders are securing health systems, financial institutions, universities, city infrastructure, aerospace environments, legal operations, and national organizations, often while balancing operational demands with regulatory pressure and long-term modernization goals. That breadth is a big part of what makes Alabama worth watching in cybersecurity.
Explore more profiles of the leaders shaping cybersecurity across numerous industries in our CISOs to Watch collection.