Last year, we chronicled the emergence of the Chief Innovation Security Officer. They are leaders redefining security not as a barrier, but as a business catalyst. It's 2026, and that vision has hardened into an operational reality.
The conversation has shifted from the promise of AI to the production of outcomes, driven by what we now recognize as the "agentic security inflection point." The leaders on this list are no longer just navigating the hype; they are operationalizing it to fundamentally change the defense equation.
This year’s cohort shares a distinct refusal to accept "toil" as a baseline. They understand that you cannot innovate if your team is drowning in alerts. These CISOs are reclaiming the bandwidth to focus on high-value, strategic initiatives – empowering their teams to finally "do human work." Whether it’s being embedded in enterprise-wide AI initiatives, as Noah Davis is at QXO, or combating machine-speed threats with agentic operations like Mike Baker at DXC Technology, these executives are proving that resilience and speed are not mutually exclusive.
They are building cultures where security scales with the business rather than constraining it. By embracing the reality that modern defense requires machine-speed capabilities, they have transitioned security from a cost center to a cornerstone of enterprise innovation.
Here are the top 30 Chief Innovation Security Officers setting the standard for 2026.
Adam Fletcher, SVP and CSO at Blackstone
Adam leads cyber and physical security at one of the world’s largest alternative asset managers, with a pragmatic, risk-aware approach to innovation. In public dialogues on cybersecurity’s future, he acknowledges how AI is reshaping attacker tactics, from social engineering to deepfakes, while championing automation and tooling that help security teams validate defenses at scale. Fletcher also publicly discusses Blackstone’s support for next-gen security innovation by participating in investment and partnership initiatives with AI-focused security platforms, underscoring how security can enable resilience and growth. His leadership blends measured risk communication, education, and systems thinking to help security contribute constructively to enterprise innovation and operational transformation.
Andy represents a new generation of security leaders driving innovation through execution. Since joining GPI in 2023, he rapidly advanced from Senior Cyber Security Engineer to Manager of Security Operations, where he now leads the global SOC and day-to-day incident response. With deep experience across large OT environments, network security, and SIEM transformation, Andy helped stand up and mature GPI’s internal SOC – blending external services with growing in-house capability and elevating response quality across identity, endpoint, and network domains. While Andy does not yet have a public thought-leadership footprint on AI, his inclusion reflects demonstrated operational innovation and the ability to turn modernization into enterprise-wide resilience.
Barry brings security leadership to one of the nation’s largest law firms, with a strategy-first mindset that connects risk, technology, and business outcomes. Within executive peer forums, he’s positioned alongside discussions on data, advanced analytics, and evolving cybersecurity landscapes, signaling a posture that embraces thoughtful modernization and operational effectiveness as part of security’s role in business transformation. Rather than championing innovation as a standalone concept, Barry’s leadership reflects it through strategic alignment, process optimization, and the adaptation of security practices to support organizational growth and resilience in a rapidly changing environment.
Carl represents a modern, innovation-minded CISO who approaches security as a strategic capability rather than a control function. In executive and peer forums, he’s associated with forward-looking discussions on how security organizations must evolve alongside the business – prioritizing adaptability, context-driven decision-making, and resilience over static compliance. His leadership reflects an understanding that innovation requires security teams to move at business speed, anticipate change, and design programs that scale with growth rather than constrain it.
Carrie is a prominent voice on how the CISO role must evolve as organizations move aggressively to adopt AI across the business. She emphasizes that security cannot sit on the sidelines of AI initiatives, or arrive late with guardrails after innovation is already underway. Instead, Carrie advocates for early, embedded security leadership in AI adoption, positioning the CISO as a strategic partner who helps teams move faster by design, not slower by review. In her public commentary, she underscores that innovation accelerates when governance, risk, and security are integrated from the outset. Her leadership reflects a shift away from reactive control toward proactive enablement, where security helps the business pursue AI-driven innovation with confidence, resilience, and trust.
Dannie consistently frames AI as a transformative force in cybersecurity that simultaneously amplifies threat actors' capabilities and expands defenders' opportunities. In strategic threat assessments, he highlights how AI-driven tools can automate threat detection, accelerate analysis, and extract actionable insights across vast datasets, while also warning of AI-enabled phishing, malware, and adversarial evasion. At industry forums and peer discussions, he underscores that AI is reshaping security operations and that traditional models must evolve toward automation, intelligence, and identity-centric insights to keep pace. His perspective blends risk-aware realism with innovation-forward thinking, advocating for adaptive, proactive defenses that embrace intelligent tooling as a core part of modern security strategy.
David approaches AI and innovation from a practical, people-centered perspective in security leadership. He champions the use of automation and emerging technologies to hyper-automate routine, time-intensive tasks, giving his team the space to focus on novel threats and strategic challenges. At the same time, he emphasizes that technology amplifies skilled people rather than replacing them, and that a successful security program depends on the right balance of people, processes, and technology aligned with business goals, emblematic of a mindset grounded in operational reality and innovation.
Elsa leads security strategy at Evercore, focusing on strengthening enterprise resilience while enabling secure business transformation. In an industry where technology evolution is constant, she views security as a strategic partner to innovation, advocating for modern risk frameworks that support the adoption of advanced tools, including AI-driven analytics and automation, to improve threat detection, risk management, and operational efficiency. Rather than treating emerging tech as merely a risk surface, Elsa’s leadership reflects how security can empower digital innovation in financial services by ensuring it is resilient, compliant, and aligned with enterprise strategy.
Eric stewards one of the financial sector’s most complex security landscapes with a pragmatic, business-aligned approach. He fosters security models that are resilient, adaptable, and integrated with enterprise strategy — championing innovation not as a buzzword but as secure transformation in action that advances risk-informed growth, operational maturity, and strategic enablement across Apollo’s global footprint.
Greg brings a strategic blend of business insight and security expertise to his leadership at TriHealth, where he aligns cybersecurity strategy with organizational goals. His innovation-through-security lens is grounded in healthcare realities: visibility, governance, and patient safety come first. In public customer stories, he focuses on making modern environments, especially connected medical devices, measurable and controllable through automation and Zero Trust-driven controls, so security scales without disrupting care. He also consistently highlights the importance of partners that can adapt and integrate new technologies as threats and infrastructure evolve. This illustrates an “enablement” posture that maps cleanly to AI-era security programs built on operational leverage rather than manual toil.
Gregg champions a security posture that embeds cybersecurity deeply into operational processes rather than as an afterthought. At industry forums, he has articulated a view that security must be treated like safety — integral to how IT delivers value — signaling a shift toward proactive, performance-oriented security programs. His leadership mirrors innovation-oriented security by positioning the security function as a strategic partner to the business, elevating resilience and enabling digital operations to evolve with confidence.
Jason leads technology and innovation at one of Florida’s largest law firms with a pragmatic, early-adopter approach. On podcasts, including Episode 8 of “Do Human Work”, he challenges the stereotype of law firms as technology laggards, having implemented AI solutions for financial workflows years "before it was cool." Holding the dual role of CIO and CISO, he views AI not as a threat to headcount but as a tool to liberate his team from "toil," allowing them to focus on higher-value work. In our “Do Human Work” conversation, he boldly asserts that "the modern-day SOC is becoming legacy," arguing that because attackers evolve at machine speed, defenders have no choice but to "combat AI with AI" to stay in the game.
As a seasoned security executive with deep experience across global financial services, Jason positions security as a strategic business enabler that strengthens resilience, trust, and operational agility in complex environments. Rather than focusing narrowly on controls, his leadership emphasizes intelligence-led protection, proactive risk visibility, and organizational resilience — enabling Fidelity and its partners to navigate evolving threats while advancing secure transformation and enterprise growth.
Jerry leads security for one of the world’s largest and most complex digital-physical enterprises, where scale, speed, and trust are inseparable. He consistently frames innovation as a necessity for operating at Walmart’s velocity, emphasizing modern identity, Zero Trust, and AI-assisted detection and response to keep pace with evolving threats. In public forums, Jerry has acknowledged both the promise and risk of generative and agentic AI, underscoring the need for governance that enables speed rather than constrains it. His approach positions security as a core enabler of secure digital transformation, resilience, and business execution at a global scale.
Joe stewards IT and security strategy, focusing on enabling secure digital transformation and operational resilience. His leadership blends governance, compliance (including SOC-2), and modernization initiatives that support business agility while maintaining risk discipline. In this role, Joe exemplifies innovation grounded in practical outcomes — aligning secure systems and processes with strategic goals to help the organization evolve confidently in a rapidly changing technology landscape.
Julia champions a security philosophy that powers innovation at the intersection of biotech and emerging technology. At Flagship Pioneering, she reframes security as a strategic enabler of bold science — advocating for approaches that protect breakthrough research while embracing technologies like AI that accelerate discovery and streamline secure operations. Rather than viewing security as a gatekeeper, Julia emphasizes building trust and agile security programs that unlock innovation, support modern engineering practices, and integrate advanced tooling safely into the enterprise.
Lavnish spearheads cybersecurity strategy for a complex global insurer, where digital transformation, resilience, and secure growth intersect at enterprise scale. Since stepping into the CISO role, he has driven continuous improvement in the firm’s security posture, aligned risk management with business imperatives, and built capabilities that support secure modernization across people, processes, and technology. Recognized with a 2025 Top Global CISO Award for leadership and innovation, Lavnish’s influence extends across teams and partners, reflecting an emphasis on strategic security enablement and operational rigor. His leadership at Ascot balances advanced risk programs with evolving digital and regulatory demands, exemplifying the innovation mindset critical to the next generation of security leaders.
Michael leads security and risk at Barnes Aerospace with a forward-leaning mindset that embraces innovation as a strategic enabler rather than a defensive posture. Known for aligning security with business transformation, he views AI as a catalyst for elevating security teams and enabling enterprise innovation. Rather than seeing AI solely through the lens of threat mitigation, Michael advocates for framing AI capabilities as tools that enhance human decision-making, streamline routine work, and unlock new avenues for secure growth. His leadership reflects a commitment to driving secure digital transformation, in which AI expands strategic impact and fosters cross-functional collaboration among technical and business stakeholders.
Mike’s placement on our list holds extra distinction, as he led the deployment of the world’s largest agentic security operations implementation in 2025. Mike has an optimistic outlook on AI, viewing it as an opportunity to "replace toil with opportunity." On Episode 6 of “Do Human Work”, he discussed how he operates with a distinct "opportunity bias," viewing AI as a critical instrument for defense rather than just a risk to be managed. He argues that the traditional annual roadmap is obsolete, demanding that partners deliver "rapid prototyping" and tangible value in weeks, not years. Mike is aggressively removing human toil from security operations, asserting that "we don't need humans looking at tickets... that ship has sailed," and that the modern race for security is undeniably a race of speed.
Myke frames innovation and AI with real-world pragmatism. Rather than chasing buzz, he discusses how LLMs and AI tools are already improving security operations, helping teams manage the exploding volumes of telemetry and turn data into insights. He also emphasizes thoughtful adoption by educating users on safe data practices and balancing AI’s promise with risk awareness. Whether addressing deepfake threats or automating tier-one tasks, Myke’s voice reflects a people-plus-technology model of innovation that amplifies human expertise and solves practical operational challenges.
Noah represents a growing class of CISOs who are directly embedded in enterprise-wide AI decision-making, rather than operating as downstream approvers. He has spoken publicly about the importance of CISOs participating in AI councils and transformation initiatives, ensuring that security is a strategic input into how AI is deployed, not a reactive response. In industrial and operational environments, where AI increasingly intersects with physical systems and critical infrastructure, Noah frames security as essential to responsible innovation at scale. His approach reflects a broader evolution of the role: the CISO as a co-architect of digital and AI strategy, balancing risk while enabling new capabilities across complex, operationally intensive businesses.
Peter drives Lazard’s global security strategy with a business-aligned and metrics-driven mindset. He champions a performance-oriented approach that benchmarks security practices against peers and uses data to guide improvement. In industry panels, he’s emphasized that solving security challenges at machine speed and framing security as trust that enables business outcomes are essential for modern programs. His leadership bridges strategic risk management, continuous learning, and operational agility, positioning security as a driver of resilience and enterprise confidence.
Phil leads technology strategy at Koozie Group with a clear focus on digital transformation and operational innovation across the promotional products industry. His work prioritizes connecting systems, improving automation, and integrating tools that make technology more usable and efficient for customers and partners. Phil sees AI as a tool to create a "more agile workforce" rather than a means to reduce headcount. He actively encourages his teams to identify practical problems that AI can solve to drive efficiency and innovation. Phil believes that while AI won't replace the human connection in business, it is essential for modernizing workflows and expanding the organization's capabilities.
Rebecca leads IT risk and security strategy for one of the largest beauty and retail platforms, where technology and operations converge at a global scale. She has driven cloud security modernization, implemented 24/7 security operations, and achieved substantial improvements in incident response metrics, bringing data-informed decision-making, agility, and operational uplift to Ulta’s security practice. A recognized leader in security operations and infrastructure defense, Rebecca frames security leadership around balancing risk with business enablement and fostering collaboration across technical and non-technical stakeholders. Her emphasis on technology as a business enabler, continuous learning, and modernization reflects an innovation-oriented mindset aligned with the evolving role of security in digital transformation.
Richard approaches AI and innovation with pragmatism and risk-aware experimentation. In a recent video with Progress CIO Ian Pitt, Richard emphasizes starting small, defining clear business problems before building solutions, and empowering teams to innovate confidently while maintaining governance. Through his participation in peer panels on AI vulnerabilities and broader discussions about narrowing the gap between security and the business, his leadership reflects a balanced, practical model for integrating emerging technologies into secure, scalable enterprise operations.
Rishi drives technology and security transformation across one of the nation’s largest health systems, overseeing a $140 million modernization initiative and a global security organization. His leadership reflects an innovation-first mindset: under his tenure, Mount Sinai has deployed AI-enabled cybersecurity tools that improve threat detection, accelerate incident response, and harden defense through automation — reducing vulnerabilities and response times measurably. Rishi also champions AI for operational efficiency, supporting programs that automate workflows for clinicians, researchers, and IT teams; consolidate legacy systems; and unlock data-driven insights that reinforce risk management and care delivery. His speaking engagements and strategic priorities position AI not merely as a tool, but as an engine of secure transformation and resilient operations in a mission-critical, high-trust environment.
Ryan approaches AI and innovation from a practical, operational security lens, emphasizing concrete outcomes over hype. He champions AI-augmented detection and automation to reduce analyst burden, improve threat visibility, and strengthen global cyber resilience. Rather than speaking about AI as a theoretical future, Hay highlights how advanced tooling and automation amplify human expertise, streamline workflows, and deliver quantifiable insights that empower leadership and elevate security’s contribution to innovation and business growth.
Shawn stewards security for one of the nation’s premier retail brands by aligning risk management with business priorities and digital transformation efforts. In a landscape where customer experience depends on secure, resilient systems across commerce, supply chain, and digital channels, he emphasizes strategic security enablement that supports growth and innovation — focusing on strong governance, cross-functional collaboration, and operational excellence that allows the business to evolve securely.
Viswa frames AI as a defining force for the future of cybersecurity, where predictive, adaptive, and autonomous defense becomes essential. He emphasizes that AI should amplify human insight and accelerate decision-making without replacing expertise, and that successful innovation requires ethical experimentation balanced with proactive risk management. In prior executive discussions, he has advocated starting AI strategy with policy and governance and using “defensive AI” to elevate threat analysis and operational efficiency, underscoring innovation as value-driven and responsibly governed.
As a senior security leader at one of the world’s fastest-growing consumer platforms, Will has helped shape next-generation enterprise security frameworks under intense regulatory and public scrutiny. His public remarks around TikTok’s independent oversight architecture (Project Texas) illustrate how security leadership can drive trust, transparency, and system integrity at scale – engineering governance and operational models that support both safety and business continuity. Rather than focusing narrowly on threat prevention, Farrell’s work reflects enterprise innovation in the way global platforms operationalize security, trust, and compliance in highly complex environments.
7AI customers trust dynamic AI agents to get security work done at scale. The company's AI agents autonomously investigate security alerts, proven in production at Fortune 500 scale, eliminating the work humans shouldn't be doing, so security teams can finally do human work: strategic threat hunting, proactive defense, and the work that actually protects organizations. Schedule a personalized demo to see how our AI agents can transform your security operations in just 7 days.