Cleared for Takeoff: CISOs to Watch in Aviation

Related

Road Ready: CISOs to Watch in Automotive and Transportation

The automotive and transportation sector is undergoing a digital...

Classroom to Cloud: CISOs to Watch in Higher Education

Higher education security sits at an unusual intersection of...

Silicon and Stakes: CISOs to Watch in Semiconductor Technology

Semiconductor and advanced electronics companies sit at the center...

Built to Last: CISOs to Watch in Manufacturing and Engineered Technology

Manufacturing and engineered technology companies face a security challenge...

Share

Aviation security is not purely a cybersecurity problem, but it is increasingly one. Airports run operational technology that controls gates, baggage systems, access control, and passenger processing. Airlines manage reservations, loyalty programs, and operational data across distributed networks. Air medical services depend on technology that cannot go down when a flight is inbound. The financial infrastructure that settles billions in airline transactions depends on the integrity of systems that the entire industry relies on. The CISOs in this feature are protecting organizations where a security failure can mean more than a data breach. It can mean disruption to operations that passengers and communities depend on.

Chris Larivee — CISO, Denver International Airport

Chris Larivee has spent more than fourteen years at Denver International Airport, one of the busiest airports in the world, progressing from director of information technology and CISO through senior director of IT, CIO and CISO, and stepping into the dedicated CISO role in October 2021. Before his current security focus, he held combined technology and security leadership spanning information security, network, infrastructure, server engineering, data center, and business solutions. Before DIA, he spent nearly two years as an enterprise architect at MillerCoors, two and a half years as IT security manager and enterprise applications architect at Molson Coors, and seven months as a security and identity management architect at Unisys. He began his career as a US Army interrogator for five years before transitioning to technology. That combination of military intelligence background, beverage industry security leadership, and fourteen years of progressive technology and security accountability at one of North America’s largest airports reflects a career built on both operational discipline and institutional depth.

Jeff Holschuh — CISO, Sun Country Airlines

Jeff Holschuh has served as CISO at Sun Country Airlines since March 2020, leading security for a Minneapolis-based low-cost carrier operating scheduled passenger service, charter flights, and cargo operations. Before Sun Country, he spent nearly four years at Code42 as founding member of the identity organization, building the identity management function from the ground up including technology selection, process design, and team development. Before Code42, he spent more than eleven years at Target across senior engineer, manager of directory services, and senior manager of identity and access engineering roles, developing deep IAM expertise inside one of the largest retailers in the country. That foundation in enterprise identity and access management, built at Target scale and refined through a startup identity build at Code42, now underpins how he approaches security governance at an airline where operational continuity and passenger data protection both depend on knowing exactly who has access to what.

Jim Uhrain — CISO and VP of IT Infrastructure, Air Methods

Jim Uhrain has served as CISO and VP of IT infrastructure at Air Methods, the nation’s largest air medical services company, since October 2021, holding security and infrastructure accountability in a single executive mandate for an organization whose operations cannot tolerate downtime. Before Air Methods, he spent more than ten years at QEP Resources across director of IT infrastructure and operations and director of IT and enterprise applications, managing IT strategy and security through the company’s growth, M&A activity, and eventual acquisition by Diamondback Energy. Before QEP, he spent more than four years as director of IT infrastructure at Frontier Airlines under Republic Airways Holdings, consolidating and streamlining post-merger IT functions across Republic, Midwest, and Frontier Airlines, building disaster recovery capability, and attaining PCI and SOX compliance. He began his career spending a decade at Acuson in progressive engineering and product support roles before nearly seven years as a network systems consultant. His airline infrastructure background combined with oil and gas IT leadership gives him a cross-sector operational technology perspective directly applicable to the always-on demands of air medical services.

Frederick Forehand — CISO and IT Management, Norfolk Airport Authority

Frederick Forehand has served as CISO and head of IT management at Norfolk Airport Authority since November 2024, bringing deep aviation technology expertise built across more than seven years as IT manager for aviation at the City of San Antonio, where he led technology operations at San Antonio International Airport. His work at SAT included leading airport operational database development, implementing facial recognition services, conducting end-of-life network equipment replacements, and designing a 33-monopole Citizens Broadband Radio Service network that brought cost-free internet to underserved neighborhoods across the city. Before San Antonio, he spent nearly two years as director of technology at the United States Sports Academy and more than eleven years as a telecommunications network analyst at Pensacola State College. He began his career managing IT and security at DNA Telecom, where he served as IT manager and CISO handling network security audits, firewall inspections, and project management for a $175 million IBM and Kmart contract across ten states. His select career highlights at Norfolk include directing $35 million in capital expansion projects, developing seven RFPs within three months, and championing the development of the SAT Aviation IT Master Plan introducing 120 miles of fiber optic infrastructure.

Rich Licato — VP of Enterprise Risk and CISO, Airlines Reporting Corporation

Rich Licato has served as VP of enterprise risk and CISO at Airlines Reporting Corporation since September 2011, leading information security, physical security, network operations, end user computing, enterprise risk management, and business resiliency for the aviation industry’s financial settlement and data analytics company, whose systems process billions of dollars in airline ticket transactions annually. He led ARC to obtain ISO 27001 certification in 2013 and maintains both PCI and ISO certification annually. Before ARC, he spent nearly seventeen years at Fannie Mae across project and development manager, director of systems development and enterprise architecture, director of information systems management, and director of operations risk management roles, managing corporate-wide technology risk programs with a team of 25 and a $7 million annual budget. He also consulted to the Hong Kong Monetary Authority as part of a Fannie Mae team helping create the Hong Kong Mortgage Corporation. His career began at American Management Systems managing project delivery for clients including MBNA America and IBM. Nearly fifteen years of continuous security and risk leadership at ARC, combined with deep financial services risk governance experience at Fannie Mae, reflects a security leader whose institutional knowledge of aviation’s financial infrastructure is as deep as it is consequential.

Aviation Security Has No Margin for Error

Airports never close. Airlines never stop flying. Air medical services respond around the clock. The financial systems that settle airline transactions process billions of dollars without pause. The leaders in this feature are protecting organizations where the concept of planned downtime is largely theoretical, and where the consequences of a security failure extend immediately into operations that passengers, patients, and the broader aviation ecosystem depend on. That operational reality shapes every security decision they make, and the programs they have built reflect it.

Discover more cybersecurity leaders securing the aviation sector worldwide:

IMG 0514 2
+ posts

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.