The Dutch healthcare sector has entered a period of intense digital transformation, and that comes with heightened cybersecurity challenges. Healthcare organizations handle vast amounts of sensitive patient data, and recent industry reports highlight a sharp rise in ransomware and extortion attacks targeting hospitals and clinics, showing an “alarming increase” in cyber threats that can disrupt care delivery and risk patient safety. In response, hospitals and care networks are reinforcing their defenses and investing in leadership that can blend regulatory compliance, technical strategy, and operational risk management.
This listicle focuses on healthcare security leaders in the Netherlands, many of whom hold CISO (Chief Information Security Officer) titles, while others drive crucial security efforts without the formal title. These professionals are not just guardians of systems and compliance; they’re strategic voices helping healthcare institutions navigate evolving threats, stringent public‑sector regulations like NIS2, and complex data privacy landscapes.
Hugo Leisink — Chief Information Security Officer, HagaZiekenhuis
Hugo Leisink is a seasoned security and privacy specialist currently serving as Chief Information Security Officer at HagaZiekenhuis, one of the Netherlands’ leading top‑clinical teaching hospitals. His professional journey includes strategic roles such as cybersecurity adviser at the Nationaal Cyber Security Centrum and interim security positions at major organizations, giving him broad perspective on cyber risk and secure digital transformation in mission‑critical environments.
At HagaZiekenhuis, Leisink leads efforts to secure clinical IT, patient data, and privacy practices within an environment that combines everyday care delivery with advanced specialist services. His work also involves public engagement and thought leadership; for example, he was recently featured on a cybersecurity podcast discussing secure software practices, demonstrating his commitment to elevating security awareness across the industry.
Erick van Veghel — Chief Information Security Officer, Catharina Ziekenhuis
Erick van Veghel leads cybersecurity at Catharina Ziekenhuis in Eindhoven, a modern top‑clinical hospital known for complex services in cardiology, oncology, and reproductive medicine. Combining technical expertise with process and compliance insights, van Veghel approaches security as a multifaceted discipline that touches organizational culture, legal mandates, and continuous improvement. His leadership is particularly relevant given the increasing regulatory pressure on Dutch hospitals to comply with frameworks like NEN 7510 and NIS2 while safeguarding patient trust.
By fostering cross‑discipline collaboration and advocating for security education across teams, he strengthens Catharina’s defenses against ever‑evolving cyber threats. His strategic view underscores that in healthcare, robust cybersecurity protects not just IT systems, but the continuity of patient care itself.
Marcel Broekema — Strategic Cybersecurity Advisor & Interim CISO
Marcel Broekema has carved a niche as an interim CISO and senior advisor supporting healthcare and other vital sectors through complex regulatory transitions, such as NIS2, the Dutch Cyberbeveiligingswet, and new AI risk requirements. While not currently tied to one institution as a permanent CISO, his board‑level advisory work is highly respected within the Dutch healthcare ecosystem.
Broekema’s expertise lies in harmonizing multiple governance frameworks (such as NEN 7510 and ISO 27001) into coherent strategies that enable organizations to move beyond compliance to demonstrable operational control. His leadership reflects the increasing recognition that modern healthcare security must integrate governance, risk, and compliance with executive decision‑making.
Martin Zinke — CISO, Isala Klinieken
As the CISO at Isala Klinieken in Zwolle, Martin Zinke brings decades of IT and security experience to one of the largest hospital groups in the Netherlands. Isala’s complex portfolio, covering advanced clinical specialties and ongoing research, places Zinke at the heart of critical decisions around risk management, asset protection, and resilient infrastructure.
His leadership emphasizes the alignment of technical operations with overarching security strategy, anchoring security principles in daily operations that safeguard not only data, but mission‑critical healthcare services.
Johan Schipper — Information Security Professional, Koninklijke Visio
Though not holding a formal CISO title, Johan Schipper plays an essential role within Koninklijke Visio, a national expertise centre for people with visual impairments that provides care, education, and support services. In his information security function, Schipper contributes to secure information management, helping protect sensitive personal data across diverse care and research settings.
His role exemplifies how strategic security leadership can thrive in organizations that might not have established CISO positions but nonetheless face complex cybersecurity and privacy demands, particularly as digital services expand.
Najat E. — Concern Information Security Officer, Deventer Ziekenhuis
Najat oversees security for Deventer Ziekenhuis as Concern Information Security Officer, where she drives policy, incident response, and awareness across departments. Her work involves building robust information security management systems (ISMS), aligning processes with standards like ISO 27001 and GDPR, and engaging teams in behavior change, all critical in high‑risk healthcare environments.
Her blended focus on technical controls and organizational culture positions her as a rising leader in Dutch health security, especially as threats become more sophisticated and pervasive.
Jos Toet — Concern Information Security Officer, Franciscus Hospital Group
With long tenure in healthcare security, Jos Toet provides strategic leadership across the Franciscus hospital network, which includes multiple clinical locations. His continuity in the role and deep understanding of patient data protection, compliance requirements, and clinical risk contexts make him a steadying force in ensuring operational cyber resilience.
Toet’s approach reflects a broad, people‑focused view of security, one that balances technology, governance, and human factors in protecting critical healthcare services.
Why These Leaders Matter
Dutch healthcare institutions are increasingly on the cybersecurity front lines as attackers intensify their efforts and regulatory frameworks like NIS2 demand robust governance. From hospital CISOs to senior security officers, these leaders are shaping strategies that protect critical systems, sensitive patient data, and the trust of the communities they serve.
Whether they hold formal CISO titles or serve in analogous strategic security roles, each individual listed here contributes to a safer, more resilient Dutch healthcare digital landscape. By spotlighting such leaders, organizations can learn from real‑world security leadership in practice and recognize the rising stars shaping this crucial field.
View our full list of CISOs to watch in different locations and industries.