Gary Harbison, Global CISO, Johnson & Johnson
Speaker, CSO Hall of Fame Inductee

Gary Harbison

Global CISO Johnson & Johnson

Gary Harbison is the Chief Information Security Officer (CISO) at Johnson & Johnson, a role he has held since joining the company in October 2022. He leads the Information Security and Risk Management (ISRM) organization, responsible for protecting J&J’s critical data while advancing global security strategy, cybersecurity transformation across products and services, and enterprise technology risk management.

Gary has 30 years of technology, information security and risk management experience across multiple Fortune 500 companies and the U.S. Department of Defense. His background spans security architecture, threat intelligence, and senior leadership roles focused on building high-performing, business-aligned teams. Before joining J&J, Gary served as CISO at Bayer.

Gary is an active contributor to the cybersecurity community, serving on advisory boards, mentoring startups, and advising universities. He is an adjunct professor at Washington University and holds a Bachelor of Business Administration degree from Webster University.

Upcoming and recent events

2026 CSO Cybersecurity Awards & Conference
Location: Symphony Ballroom
The Big Story: How CISOs Must Respond to the Age of Mythos and AI-Powered Cyber Threats
Tuesday, May 12, 2026
2:40 pm - 3:25 pm
The announcement of Anthropic’s Claude Mythos and the launch of Project Glasswing mark an inflection point in cybersecurity that CISOs cannot afford to watch from the sidelines. Mythos represents a model capable of autonomously identifying zero-day vulnerabilities overnight, fundamentally shifting the balance between offense and defense. Anthropic itself is withholding…
Location: Symphony Ballroom
CSO Leadership Masterclass
Wednesday, May 13, 2026
2:00 pm - 3:30 pm
2:00 – 2:05pm Welcome and Opening Remarks 2:05 – 2:35pm Leading the C-Suite to Security Excellence Here’s the truth: CISOs will be judged on their business fluency as much as technical acumen. Expectations of the CISO role are evolving to see the role as a business executive, not just…