The German pharmaceutical sector is a global leader in innovation, research, and production of life-saving medicines. With the increasing digitalization of research, manufacturing, and supply chain operations, cybersecurity has become a critical component in protecting intellectual property, patient data, and regulatory compliance. Leading pharmaceutical companies are investing heavily in sophisticated cyber defense strategies, integrating information security into corporate governance, and ensuring operational resilience across IT, OT, and cloud environments. The CISOs in this sector play a pivotal role in safeguarding sensitive information while enabling innovation, making their leadership and technical expertise essential for maintaining trust, compliance, and continuity in an industry with high regulatory scrutiny.
Marc-André Bär — Associate Director, Cyber & Information Security, BioNTech SE
Marc-André Bär oversees the Cyber & Information Security operations at BioNTech SE, including the leadership of the Cyber Emergency Response Team (CERT). He is responsible for identifying, detecting, and responding to cyber threats while developing and implementing long-term security strategies. Marc-André coordinates the Security Operations Center (SOC) and works closely with internal teams and external partners to maintain a robust defense posture. His experience spans vulnerability management, penetration testing, and incident response planning. By combining operational leadership with technical expertise, he ensures that BioNTech’s IT infrastructure is secure and resilient, supporting the company’s critical role in vaccine development and production while meeting stringent regulatory and compliance requirements.
Oliver M. Achten — Group Chief Information Security Officer, Stada Group
Oliver M. Achten serves as Group CISO at Stada Group, leading the development of a comprehensive cybersecurity program that aligns with business objectives and regulatory requirements. He directs risk management initiatives, oversees security budgets, and ensures the implementation of robust measures to protect critical assets. With over 15 years of experience across IT, OT, and cloud environments, Oliver has built a strong track record in establishing secure infrastructures, incident response frameworks, and metrics-driven cybersecurity programs. His leadership emphasizes the integration of security strategy with corporate governance, fostering organizational resilience and promoting a culture of security awareness across the global pharmaceutical operations of Stada Group.
Steffen Hoffmann — Corporate Information Security Officer, Boehringer Ingelheim
Steffen Hoffmann is responsible for safeguarding Boehringer Ingelheim’s information assets and intellectual property, ensuring comprehensive protection against cyber threats. He implements governance and control frameworks, manages evolving security risks, and enforces compliance with regulatory standards. Steffen also leads projects to enhance the organization’s information security posture, supports the deployment of security-enabling technologies, and advises on IT and business initiatives related to information protection. His expertise spans IS security, risk management, compliance frameworks such as ISO 27002, and global infrastructure governance. By combining strategic oversight with operational execution, Steffen ensures that Boehringer Ingelheim’s IT systems and sensitive data remain secure and resilient across all business units.
Sebastien Braun — SVP Head of Global Information Security (CISO), Evotec
Sebastien Braun leads global information security at Evotec, directing initiatives to protect critical assets and ensure regulatory compliance. His role encompasses threat and vulnerability management, digital forensics, and incident response, supported by extensive experience in corporate, law enforcement, and industrial cybersecurity environments. Sebastien has previously led Bosch CERT and served as CISO at CWS International, demonstrating deep expertise in ISO 27001, security architecture, and risk management. At Evotec, he focuses on aligning cybersecurity strategy with business objectives, driving resilience, and fostering a culture of proactive security awareness. His leadership ensures Evotec’s IT systems are robust against evolving cyber threats while supporting innovative pharmaceutical research and development worldwide.
German Pharmaceutical Cybersecurity Leadership
The German pharmaceutical sector faces unique cybersecurity challenges, from protecting sensitive research data to maintaining compliance with stringent regulations. The CISOs featured here exemplify leadership and technical expertise, integrating security into business strategy, operations, and culture. Their work ensures operational resilience, regulatory compliance, and the safeguarding of intellectual property, reinforcing Germany’s position as a global leader in pharmaceuticals. By combining strategic oversight with technical proficiency, these executives provide a model for how the industry can defend against evolving cyber threats while continuing to innovate and deliver critical healthcare solutions.