Recognized Healthcare Cybersecurity Leaders 2025

CYRX360 is a healthcare‐focused cybersecurity company dedicated to protecting medical practices, hospitals, and clinics with comprehensive, regulation-driven solutions. Our services include a 24/7 Security Operations Center (SOC), HIPAA compliance audits, endpoint & ransomware protection, secure password management, dark web surveillance, and incident response. We help organizations reduce risk, ensure patient data confidentiality, and maintain trust.

Co-Founder of SG6, ITRES and DEV6. Cybersecurity consultant with a deep technical background. More than 20 years of experience in the fields of IT Security, Cybersecurity, Security Research and IT Best Practices. Dozens of acredited CVE vulnerabilities since Y2K. I publish practical offensive/defensive research: vulnerability analysis, exploitation notes, reverse engineering, and hardening/detection takeaways.

Seasoned content writer with more than a decade of experience.Wrote hundreds of blogs, ebooks, newsletters, social media content, news articles.Worked with numerous tech start-ups, digital marketing agencies, and media publications.Focused mostly on B2B tech, cybersecurity, blockchain, and AI. Capable of covering virtually any topic.Experienced in journalistic writing.

For over 20 years, I've been on the front lines of cybersecurity, working with global organisations to help them answer critical questions like: "How effective are our security measures against a cyber attack?" My passion is empowering companies to identify and fortify their attack surface. I help leadership teams evaluate their security stack's effectiveness and build actionable roadmaps. Some of the topics I cover are Enterprise cybersecurity and strategy, culture and how it impacts cyber resilience. Emerging attacks and attacker innovation in ransomware and increasingly AI security risks. This passion for sharing actionable knowledge is why I also started writing my blog. It's my way of sharing ideas and providing insights for enterprise security defenders and educate the wider community. In my day-to-day role at Pentera, I lead a team of talented security engineers. We partner with leading organisations who are ready to embrace change. As a speaker and mentor, I enjoy challenging the norms, introducing disruptive technologies, and sharing best practices to raise the bar.

Dr. Connie McIntosh is a cybersecurity executive, academic, mentor and international speaker. She currently serves as Head of Security at Ericsson. Dr. McIntosh integrates cybersecurity, information security, product security, operational security, and data privacy into business strategy, fostering psychological safety and cultural transformation in traditionally siloed environments. Her background is in National Security and Cyber Defense working in in key Cybersecurity Leadership roles across Defense and Government classified networks, Academia and private enterprise. Her leadership has earned her accolades such as being named among the Top 100 Women in Cybersecurity by US Cyber Defense Magazine and the Black Unicorn Award at Black Hat 2020. In 2025, she was awarded the prestigious Global Recognition Award for Leadership Excellence in cybersecurity underscoring her global recognition and influence along with 2025 Young Leader of the Year - The Fast Mode Awards 2025 recognizing exceptional individuals whose leadership, resilience, and technical depth continue to elevate the global telecom ecosystem. Connie's contributions to cybersecurity have been featured in influential books and magazines, including the groundbreaking Women4Cyber's own "Europe's Top Women in Security, Hacking Gender Barriers", along with "The Rise of Cyber Women Vol 3", "Shining the Spotlight - Stories for Business Success." and others.

Harman Singh, director at respected consultancy Cyphere, is an experienced security professional consulting public and private sector customers across the globe. He brings over a decade of intensive consulting experience, advising both private and public sector organisations on security matters around offensive and defensive security, particularly SOC operations maturity, CREST pen testing, risk and governance. Harman is recognised for his teaching ability; he is not just a consultant, but an educator of other experts: Black Hat Trainer: He has delivered advanced, practical training sessions at the prestigious Black Hat security conferences. Advanced Hacking: His training focuses on sophisticated techniques for attacking and defending complex digital infrastructure, upskilling security teams worldwide. Corporate Consulting: Beyond training, he possesses extensive experience consulting with corporate security teams, helping them manage threats across traditional networks and cloud-based systems. His insights—covering regulatory compliance, comments and best practices—are frequently featured in publications such as Infosecurity Magazine and Fast Company.

Cybersecurity expert with over a decade and a half of deep-dive experience, I bring an unparalleled level of understanding and expertise in strategic Cybersecurity planning, effective risk control, and pioneering product innovation. My career reflects my role as a reliable authority for organizations of all sizes, as well as an effective liaison with different regulatory bodies.

I began working with computers as far back as DOS and Lantastic. I started working professionally in the IT Field since 1999 and have worked with every Microsoft server since Windows NT. I now hold the role as CISO at ITRemedy/ Happy Computer where we consult with networks from single users to clients that run into the 100's of devices.

Shwetha Babu Prasad is a data security and privacy professional, speaker, and published author with nearly a decade of experience in information security. Her work focuses on advancing practical, engineering-driven approaches to protect sensitive data and reduce systemic data exposure risks. She has experience implementing data protection controls across enterprise systems to mitigate the risk of sensitive data exposure. She is the author of Why Websites Fail at Data Protection and Privacy and Data Security in the Age of AI. An active member of ISC2 and the Information Systems Security Association, she contributes to industry initiatives aligned with National Institute of Standards and Technology frameworks through the ISSA Resilience Special Interest Group. Her work advances practical, engineering driven data protection and privacy capabilities, strengthening cyber resilience across enterprise and critical infrastructure environments.

Cybersecurity Expert | Cyberwarfare Strategist | Founder, Centuria Labs Research With over 25 years of specialized experience, Giovanni Battista Caria is a prominent figure in the European cybersecurity landscape. As the head of Centuria Labs Research, he has dedicated his career to advanced research in digital crime prevention and the development of impenetrable defensive architectures. His work bridges the gap between technical innovation and strategic analysis, making him a sought-after speaker at major international forums, including the International Security & Digital Council. Literary Contribution & Strategic Insight Caria’s extensive research has culminated in a series of influential works that address the evolving nature of digital threats from both a technical and legal perspective: The Black Book of Cybersecurity (Il Libro Nero della Cybersecurity): A deep dive into the structural flaws of modern digital infrastructure and the methodologies of high-level cyber attacks. The Invisible Front (Cybersecurity & Cyberwarfare): Co-authored as a comprehensive guide to the convergence of law, technology, and national security, this work serves as a manual for understanding state-sponsored digital conflict. The Architects of Shadow (PsyOps & Information Warfare): An analytical exploration of psychological operations and social engineering, detailing how digital influence can compromise national stability and institutional trust. Innovation in Defensive Systems Throughout his two-decade-long career, Caria has focused on creating innovative defensive frameworks designed to be mathematically and structurally resilient. His approach at Centuria Labs emphasizes proactive threat hunting and the implementation of security layers that go beyond traditional firewalls, focusing instead on system-level integrity and zero-trust principles. Strategic Vision A recognized expert in the legal and technical facets of the GDPR and cyber-law, Caria integrates regulatory compliance with hard-core technical defense. His philosophy is rooted in the belief that true cybersecurity requires a holistic understanding of the "invisible front"—the space where software engineering, international law, and geopolitical interests collide. "Cyber defense is not a static wall, but a dynamic architecture of constant anticipation and research." — Giovanni Battista Caria

I have over 30 years experience as an Electrical Engineer, Technical Writer, and Documentation Manager. I worked in technical areas including avionics, systems integration, mobile software, SaaS. Several years ago I left the corporate world to care for sick parents. I supported myself building websites, writing technical “how-to” books, and leading online courses. Now, with family issues behind me, I have the time to take on some freelance clients. My atypical career path taught me to work well with a wide range of clients and audiences. Clients like Honeywell and Microsoft, McGraw-Hill and other book publishers, even pre-IPO startups. Audiences from computer beginners, to B2B buyers, to engineers building aircraft systems. I'm skilled at learning complex technologies like VPNs and cryptocurrencies. And I excel at turning that raw data into understandable content for a target audience. I am looking to contribute to projects that need these skills. I'm particularly interested in subjects that empower individuals such as online privacy.

I am a cybersecurity professional with over 18 years of experience in offensive security, penetration testing, and cyber defense. I focus on deeply understanding complex security challenges and developing practical, real-world solutions that strengthen organizations against evolving threats. I enjoy working across various security domains and approaching problems with a hands-on, analytical mindset. My colleagues and clients describe me as a hardworking, disciplined professional who remains calm and solution-oriented when handling high-risk incidents and challenging environments. My areas of expertise include vulnerability assessment, exploit development, incident response, network security architecture, and enterprise systems administration. I hold industry-recognized certifications such as OSCP, OSCE, GWAPT, GCIH, CCNA, and RHCE, which demonstrate my commitment to continuous learning and technical excellence.

CISO and advisor helping FinTechs turn DORA/NIS2/PSD2, PCI DSS, ISO 27001, and GDPR into practical resilience and business value. 20+ years across architecture, incident response, and program build-out. I prioritise KPIs, clear board communication, and continuous improvement, not checkbox compliance. Highlights: led DORA/NIS2 readiness for cross-border teams (faster audits; 30%+ lower regulatory risk), stood up vCISO/vDPO programs with cloud-native controls, vendor risk, and privacy automation. Community: OWASP Riga and Cloud Security Alliance Chapter Lead. Need to get regulator-ready? Let’s connect.

A pragmatic leader with experience guiding, building, and scaling cybersecurity and privacy programs across sectors. I formerly led the Information Security program for Udemy an EdTech firm. Implemented company-wide cybersecurity and data privacy governance programs for payment organizations, Led service delivery strategy, audits and penetration testing engagements for Consulting organizations and help company stakeholders understand likely business threats and practical methods to minimize risk.

Omair Manzoor is the Founder and CEO of ioSENTRIX, a cybersecurity firm specializing in Penetration Testing as a Service (PTaaS), application security, and AI/ML security assessments. ioSENTRIX serves mid-market and enterprise clients across financial services, healthcare, SaaS, and critical infrastructure — delivering continuous security testing through a hybrid human-AI approach with audit-ready deliverables mapped to SOC 2, ISO 27001, HIPAA, and PCI DSS frameworks. The company has been featured in FOX News, NBC, CBS, AP, ABC News, Business Insider, and Yahoo Finance, and is listed on AWS Marketplace and G2. Omair's areas of expertise include penetration testing strategy, PTaaS implementation, AI/LLM security and red teaming, application security program development, vibe coding security risks, compliance-driven security testing, and continuous threat exposure management (CTEM).

Charles Edda & Charles Bouley, Inc. (CECB) is a Texas-based cybersecurity company founded in 1999. The company specializes in managed security risk assessments, including vulnerability scanning, penetration testing, and security awareness training. Its primary clients include small businesses, medical practices, and law firms. The company is currently owned and operated by Dr. Rachel Levitch, who has expanded its services to provide advanced cybersecurity solutions that integrate financial risk management and regulatory compliance. CECB's services follow industry-recognized cybersecurity frameworks such as the National Institute of Standards and Technology (NIST), ISO 27001, and CIS Controls to help organizations establish robust cybersecurity practices and culture.

My path to security leadership came through offensive security testing, software engineering, and product management. I've written code, designed and built security products, created and sold managed security services, and served as both GM and CISO for organizations ranging from early-stage startups to multi-billion-dollar enterprises. That background shapes how I approach security: I understand the trade-offs engineering teams face, I know what's actually feasible to implement and operate, and I prioritize controls that reduce real risk over ones that just satisfy auditors. I stay hands-on with cloud architecture, application security, AI, and emerging threats. At IOmergent, my co-founder Brett Wilson and I work with growing companies that need real security leadership but aren't ready for a full-time CISO. We provide fractional CISO (vCISO) services, managed cloud security, and practical assessments that tell you where you actually stand. Our focus is on building security into engineering culture and operations, as well as with executive teams. We work extensively with SaaS companies, healthcare and fintech organizations, and AI startups navigating their first enterprise customers, dealing with incidents or near misses, or trying to figure out what "good enough" security actually looks like for their stage. If you're a founder or technical leader looking to mature your security posture, preparing for your first compliance audit, or navigating an incident and need experienced support, I'm always happy to connect. And if you just want to talk through a security challenge with someone who's been there, reach out.

Security-focused executive with 20+ years leading enterprise cybersecurity, identity & access management, IT, and IT operations at Fortune 500 organizations including Optum/UnitedHealth Group, Carnival Corporation, Target, Sprint, and IBM. Trusted post-breach recovery specialist and turnaround leader — brought in to stabilize healthcare.gov, remediate multiple security breaches, and transform underperforming security programs. Proven at operating at the intersection of technical depth and business strategy, translating complex risk into board-level decisions and delivering measurable outcomes.

Franco Velasquez is the CEO and founder of HostBreach, a cybersecurity advisory firm specializing in external cyber intelligence, attack surface analysis, and intelligence-driven advisory for defense contractors and regulated organizations. His work focuses on understanding how attackers identify, prioritize, and compromise targets using publicly available intelligence, often before traditional security controls detect activity. Franco advises organizations on CMMC readiness, CUI exposure, ransomware risk, and pre-incident threat visibility, helping leaders understand real-world risk beyond checklist compliance. He has experience working with OSINT-based reconnaissance, threat actor behavior analysis, and tabletop attack simulations aligned to observed intrusion patterns. He is frequently consulted on topics including ransomware trends, external exposure management, supply chain risk, and how attackers exploit misconfigurations and unpatched systems. Franco emphasizes practical, intelligence-led decision-making that helps organizations reduce risk before incidents occur.

Karthikeyan Ramdass a seasoned cybersecurity professional with over 18 years of experience securing mission-critical systems for leading Fortune 500 companies across industries including aviation, finance, automotive, and technology. I have played a pivotal role in protecting organizations such as Southwest Airlines, Wells Fargo, Morgan Stanley, Toyota Motors North America, AIG, Cognizant, Salesforce, and Deluxe Corporation. Specializing in application security, vulnerability management, secure architecture, and supply chain defense, led the design and implementation of enterprise-scale security frameworks, CI/CD pipelines, and advanced security testing solutions. Extensive experience in SAST, DAST, SCA, zero-day vulnerability management, and penetration testing, ensuring compliance with global standards such as NIST CSF, PCI DSS, and OWASP Top 10.