São Paulo is home to some of the most influential cybersecurity leaders in Latin America. These CISOs are driving strategic innovation, strengthening digital resilience, and shaping the security landscape across industries from finance and healthcare to energy and telecommunications. Here’s a look at ten CISOs to watch in 2025, recognized for their leadership, achievements, and measurable impact on their organizations.
Adriano Carlos de Lima — SEPHORA
Adriano Carlos de Lima is a senior executive in cybersecurity, data protection, and IT governance, with over 25 years in IT and 15 years in multinational leadership roles across Latin America, the USA, Europe, and Asia. Currently LATAM Information Security Manager at SEPHORA, he drives cybersecurity strategy, IT risk management, and compliance programs to safeguard digital assets, systems, and critical business processes. His leadership is recognized for measurable operational impact and strategic vision in complex multinational environments.
Luiz Frota — Atento
Luiz Frota brings more than 25 years of IT experience, with the last 11 focused intensely on information security across national and multinational companies. As Global CISO at Atento, he oversees cybersecurity operations, including Zero Trust architecture, IAM/PAM systems, SOC management, vulnerability assessment, and incident response. Frota has extensive experience defining information security policies, technology architecture, and master plans aligned with organizational IT strategies. Known for building high-performing teams and developing strategic risk mitigation programs, Frota ensures enterprise-wide resilience while aligning security initiatives with business priorities.
Paulo Condutta Villas Boas — Ouribank (Banco Ourinvest)
Paulo Condutta has led the Information Security function at Ouribank since 2018, elevating the bank’s cybersecurity maturity and enabling secure expansion of digital business initiatives. He oversees IT governance, operational risk management, regulatory compliance, and corporate security policies. Paulo manages incident response, BCP/DRP, DevSecOps initiatives, and cybersecurity awareness programs, and leads a multidisciplinary team of 10 direct reports and external vendors. His strategic leadership ensures that Ouribank remains resilient, secure, and aligned with evolving financial regulations.
Andre Rocha — Braskem
Andre Rocha has been CISO at Braskem since 2021, spearheading the strategic and operational transformation of the cybersecurity function across people, processes, and technologies. He evaluates processes using COBIT, identifies skill gaps, recruits specialized professionals, and implements NIST-aligned cybersecurity technologies. Andre established Braskem’s Information Security Master Plan (PDSI), oversees cybersecurity awareness programs, manages IT compliance audits, and controls budgets and governance processes. His leadership has strengthened Braskem’s security posture and organizational resilience while embedding a culture of continuous improvement.
Leandro Ribeiro — Hospital Sírio-Libanês
Leandro Ribeiro brings over 24 years of IT experience, 15 in cybersecurity, and 18 years of leading multidisciplinary teams. As Information Security Manager at Hospital Sírio-Libanês, he ensures the protection of critical health data while driving compliance and risk management initiatives. He also serves as Director of Cybersecurity for ABCIS, Advisory for CyberSecFest, and on the board of Instituto WLC, contributing thought leadership to the broader Brazilian cybersecurity community. Leandro combines operational leadership with strategic guidance, fostering a culture of security awareness and resilience across healthcare systems.
Denis Nesi — Claro Brasil
Denis Nesi is a recognized Italian-Brazilian executive with 25+ years in digital, cloud, and cybersecurity. As Executive Director and CISO at Claro Brasil, he leads a 350-person team focused on information security, fraud prevention, and investigations, driving innovative solutions that strengthen resilience across the telecommunications sector. Nesi’s international experience spans Latin America, the US, and the Benelux region, including leadership at IBM, Accenture, KPMG, and Sopra Steria. He is known for advancing cybersecurity maturity through strategic risk management, governance, and program execution across complex digital ecosystems.
Helio Junji Takikawa — Sompo Seguros
Helio Junji Takikawa is an IT and cybersecurity executive with 20+ years of experience at large financial institutions and consulting firms. Currently CISO at Sompo Seguros, he previously served as CISO at Cartão Elo, where he led the implementation of the NIST framework at Banco Cetelem, achieving the second-highest maturity level across more than 20 countries. Helio’s leadership transforms Brazilian branches into models of cybersecurity excellence, making him a respected authority in financial cybersecurity and compliance.
Vitor Sena — Gerdau
Vitor Sena has been Global CISO and DPO at Gerdau since 2018, overseeing information security strategy, risk management, and control frameworks across 10 countries. He manages vulnerabilities, mitigates cyber risks, and ensures enterprise-wide resilience for one of the world’s largest steel producers. Sena’s leadership emphasizes operational security while integrating security practices with strategic business objectives, earning recognition through industry awards and executive forums.
Bruno Macena — Energisa SA
Bruno Macena is CISO at Energisa SA, one of Brazil’s largest private energy companies, where he leads cybersecurity across IT, OT, and critical infrastructure. His portfolio includes fintechs, insurance brokers, and core energy operations, encompassing distribution, transmission, and generation. Bruno prioritizes integrating security into business strategy to foster compliance, innovation, and sustainable growth, ensuring the company’s cyber resilience across diverse and critical sectors.
Denis Oliveira — Grupo Petrópolis
Denis Oliveira leads Information Security, Privacy, and Data Protection at Grupo Petrópolis, one of Brazil’s largest beverage producers. He drives strategic initiatives to transform security and ensure regulatory compliance, while maintaining operational integrity and resilience in highly complex IT environments. Denis focuses on aligning security with innovation, availability, and reliability, strengthening the organization’s overall cyber posture.
Closing Thoughts
These ten CISOs represent the forefront of cybersecurity leadership in São Paulo, spanning industries including finance, healthcare, telecommunications, energy, and consumer goods. They are not only protecting critical digital infrastructure but also shaping the cybersecurity landscape in Brazil through strategic innovation, regulatory compliance, and thought leadership. Their work demonstrates that modern CISOs are as much business leaders as technical experts, driving measurable impact while cultivating resilient, secure organizations.