Dive Brief:
- UnitedHealth Group appointed Tim McKnight to CISO, marking a change in the company’s security leadership eight months after a ransomware attack on subsidiary Change Healthcare led to sustained nationwide disruptions. McKnight shared the news on LinkedIn this week.
- McKnight replaces Steven Martin, who became CISO in May 2023, nine months before the ransomware attack. As part of the change, Martin shifted to a new role at UnitedHealth as chief restoration officer. Martin previously served as CIO and CTO at Change Healthcare and Optum, another subsidiary of UnitedHealth Group.
- Earlier this month, UnitedHealth Group confirmed that the cyberattack, which involved compromised credentials to a remote access Citrix portal, compromised data on at least 100 million people, making it the largest healthcare data breach ever reported to federal regulators. The attack also hinged on a consequential mistake the healthcare giant made in failing to protect a critical system: it did not turn on multifactor authentication.
Dive Insight:
UnitedHealth Group declined to say if the CISO leadership change came in response to a February ransomware attack that brought the company’s medical claims and processing platform down for more than a month.
“We are excited that Tim McKnight, a leading expert in cybersecurity, has agreed to join our team, and equally excited that the addition of Tim will enable Steven Martin to focus on a new role as chief restoration officer,” Eric Hausman, VP of media relations at UnitedHealth Group, said in a Tuesday statement.
McKnight has a deep security background dating back more than 30 years, according to his LinkedIn profile. He serves on multiple boards and advisory roles, and was most recently EVP and CSO at SAP. The former special agent for the FBI held previous security leadership roles at Thomson Reuters, GE, Fidelity Investments and Northrop Grumman, among others.
In a letter to the Federal Trade Commission and Securities and Exchange Commission in May, Sen. Ron Wyden criticized the company for appointing Martin, who hadn’t worked in a full-time cybersecurity role before, to CISO.