Massachusetts’ information technology sector spans enterprise platforms, SaaS providers, managed services firms, and digital infrastructure companies that power nearly every other industry. Cybersecurity leadership in this environment requires deep expertise in cloud operations, DevOps, regulatory alignment, and scalable platform resilience. The executives below represent the security leaders shaping secure innovation across the Commonwealth’s IT ecosystem.
Robert Sullivan — Chief Information Security Officer, Agero, Inc.
Robert Sullivan is a senior IT and cybersecurity executive overseeing security, site reliability, cloud operations, DevOps, systems management, telecommunications, and enterprise platform uptime at Agero. Reporting to the Chief Digital Officer, he is responsible for both strategic cybersecurity direction and operational execution across multiple technical domains. Known for transforming traditional environments into agile, cloud-enabled platforms, he combines business acumen, vendor management expertise, and infrastructure leadership to deliver resilient, high-availability digital experiences.
Jeffrey Spear — Chief Information Security Officer, Tufin
Jeffrey Spear leads security strategy at Tufin, focusing on Zero Trust architecture, network security posture management, and policy-based controls across hybrid environments. With over 15 years of experience across SaaS, healthcare, and hospitality sectors, he builds high-performing security teams aligned to business growth. His approach positions security as a strategic enabler, ensuring protection frameworks scale alongside evolving enterprise platforms.
Joseph Adu — Chief Information Security Officer, CentralReach
Joseph Adu oversees security and IT at CentralReach, a leading behavioral health technology platform. A former founding CTO and early technical hire, he has built and scaled SaaS products, global technology teams, and ISO 27001-aligned security programs that meet enterprise-grade compliance standards. His leadership bridges technology, governance, and business strategy, enabling secure growth while fostering inclusive and high-performing engineering and security teams.
Nicholas Kathmann — Chief Information Security Officer, LogicGate
Nicholas Kathmann is responsible for scaling LogicGate’s information security program, managing external system security, advancing platform security innovation, and engaging customers on security management strategy. His leadership centers on strengthening cloud-native application security and building trusted relationships with enterprise clients in regulated environments.
SK Bhachech — Chief Information Security Officer, Riverbed Technology
SK Bhachech brings more than 20 years of global leadership in information security across high-growth B2B SaaS organizations. At Riverbed Technology, he leads the development and implementation of security and privacy programs aligned with frameworks including FedRAMP, ISO 27001, GDPR, ISO 27701, SOC 2, and TISAX. His expertise spans cybersecurity architecture, regulatory compliance, financial strategy, and distributed team leadership supporting customers across government, healthcare, financial services, and automotive sectors.
Mark Coogan — Chief Information Security Officer, Compliance & Risks
Mark Coogan focuses on building secure, modern IT and cybersecurity programs for growing SaaS organizations. With more than 25 years of experience, he leads cloud security strategy, AI governance initiatives, compliance programs such as SOC 2 and ISO 27001, and DevOps/SRE modernization efforts. His pragmatic approach aligns security and compliance with product growth, ensuring organizations scale responsibly without unnecessary bureaucracy.
Jeffery Lauria — Chief Information Security Officer, iCorps Technologies
Jeffery Lauria leads security strategy and managed security services at iCorps Technologies, aligning client security programs with frameworks such as NIST, CIS Controls, PCI, GLBA, SOX, and GDPR. He established a multi-tier Security Operations Center delivering 24/7 monitoring and incident response services and advises executive teams and boards on emerging cyber risks. With certifications including CISSP, CIPP/US, CISA, and CGEIT, he blends strategic consulting expertise with hands-on operational leadership to strengthen enterprise security posture.
Securing the Backbone of Digital Innovation
In Massachusetts’ IT industry, cybersecurity leaders are responsible not only for protecting internal infrastructure but also for securing the platforms and services that power other sectors. From cloud-native SaaS to managed security operations, these CISOs demonstrate how governance, architecture, operational maturity, and executive alignment form the foundation of secure digital transformation.
For a closer look at security embedded directly into product lifecycles and application ecosystems, read CISOs to Watch in Massachusetts’ Software Industry.