Massachusetts’ government technology ecosystem supports millions of residents across public safety, health and human services, transportation, education, and municipal operations. Cybersecurity leadership in this environment requires balancing regulatory compliance, operational resilience, incident response readiness, and public trust. The leaders below are responsible for protecting some of the Commonwealth’s most critical digital infrastructure.
Greg McCarthy — Chief Information Security Officer, City of Boston
Greg McCarthy serves as the first Chief Information Security Officer for the City of Boston, providing strategic direction for cybersecurity and identity and access management programs supporting more than 20,000 employees. He chairs the city’s cybersecurity executive steering committee, leads enterprise security procurement initiatives, manages a multi-million-dollar capital cybersecurity budget, and serves as Incident Manager for cybersecurity events. His leadership includes establishing mandatory security awareness training and securing federal funding to strengthen cybersecurity posture across multiple municipalities in the Metro Boston Homeland Security Region.
Tina I. Smith — Chief Information Security Officer, Executive Office of Public Safety and Security
Tina I. Smith is the inaugural CISO for the Executive Office of Public Safety and Security (EOPSS), reporting directly to the CIO and overseeing protection of Commonwealth digital assets. She established governance protocols and implemented strategic baseline controls aligned with NIST and FBI-CJIS standards, while leading vulnerability management efforts that significantly reduced organizational risk exposure. Her work spans cybersecurity governance, regulatory compliance, incident response, and cross-agency risk collaboration.
Anthony Ristaino — Chief Information Security Officer, Commonwealth of Massachusetts (Executive Office of Health and Human Services)
Anthony Ristaino serves as CISO for the Executive Office of Health and Human Services, overseeing cybersecurity strategy for one of the Commonwealth’s most complex and citizen-facing agencies. He is known for proactive, forward-thinking leadership and the ability to balance high-level strategic oversight with operational execution, fostering strong team culture while strengthening security posture across mission-critical systems.
Ty Smith — Chief Information Security Officer, Massachusetts Trial Court
Ty Smith leads cybersecurity for the Massachusetts Trial Court, bringing extensive experience across government, defense, and higher education environments. His background includes roles at Harvard Kennedy School and decades of service with the U.S. Army Reserve in information systems analysis and computer network defense. He combines public sector governance expertise with hands-on technical experience in certification, accreditation, and classified systems security.
Scott Margolis — Chief Information Security Officer, MBTA
Scott Margolis oversees cybersecurity strategy for the Massachusetts Bay Transportation Authority (MBTA), protecting systems serving over 1.3 million daily passengers. With more than 25 years of experience in information technology and security, he has led enterprise security programs in healthcare and public sector environments. At MBTA, he focuses on strengthening operational resilience, reducing cyber risk exposure, and safeguarding transit infrastructure.
David Wright — Chief Information Security Officer, Everett Public Schools
David Wright leads cybersecurity strategy for Everett Public Schools, developing and overseeing a unified security framework across municipal and education environments. A U.S. Air Force veteran with over 20 years of experience in IT operations and cybersecurity, he directs incident response planning, disaster recovery, vendor risk review, and compliance initiatives while advising city leadership on infrastructure modernization and cloud adoption strategies.
Securing Public Trust Across the Commonwealth
From municipal systems to public safety infrastructure and health services platforms, cybersecurity leaders in Massachusetts’ government administration sector operate at the intersection of regulatory complexity and public accountability. Their work ensures that digital transformation in the public sector is matched by disciplined governance, resilient infrastructure, and a sustained commitment to protecting citizens’ data.
For a look at cybersecurity leadership shaping enterprise risk strategy and advisory services, read CISOs to Watch in Massachusetts’ Management Consulting Industry.