CareFirst BlueCross BlueShield Appoints Roberto Suárez as Chief Information Security Officer

Suárez brings passion for transparency in healthcare cybersecurity and commitment to protecting patient privacy

Baltimore and Washington, D.C. – Today, CareFirst BlueCross BlueShield (CareFirst), the largest not-for-profit health plan in the mid-Atlantic region, announced Roberto (Rob) Suárez as its new Vice President and Chief Information Security Officer (CISO). 

In this role, Suárez will lead CareFirst’s cybersecurity strategy, with a keen eye toward mitigating risk to communities and their patients in need of healthcare. 

“With the potential impact that cyberattacks have on healthcare organizations and patients, it was imperative our technology leadership have a strong background in cybersecurity,” Dori Henderson, Senior Vice President and Chief Digital Information Officer, said. “Rob’s bold vision for healthcare cybersecurity as well as his commitment to creating a culture of transparency, safety and privacy made him the ideal candidate.” 

Prior to this role, Suárez was the Vice President and Chief Information Security Officer at BD (Becton Dickinson), where he led information technology (IT), manufacturing and product cybersecurity, building medical technology that is secure by design with transparency and control in mind. He is passionate about educating teams on cybersecurity, creating a consistently high quality and secure experience and advocating for a company-wide community that practices cybersecurity. 

“Everyone deserves trustworthy healthcare,” Suárez said. “I believe it’s achievable by focusing on collaboration and transparency. I am excited to create a community of bold and courageous thinkers at CareFirst focused on protecting communities, their privacy and safety, with the mission of making healthcare accessible and affordable for everyone.”  

Suárez started his career in software engineering at Siemens and then worked on remote service platforms for medical devices in Siemens Healthcare Diagnostics. Alongside this work, he chaired the Cybersecurity Steering Committee for the Medical Device Innovation Consortium and the Cybersecurity Working Group for AdvaMed.  

He has worked closely with federal government departments on cybersecurity best practices, including as a member of the Department of Health and Human Services (HHS) Health Care Industry Cybersecurity Task Force. As a continuation of this work, he chaired the public-private Healthcare and Public Health Sector Coordinating Council (HSCC) Med Tech Cybersecurity Risk Management Task Group, which established a plan for improving cybersecurity for medical technology. He is a Certified HealthCare Information Security and Privacy Professional (HCISPP) with degrees in Computer Science from Montclair State University. 

About CareFirst BlueCross BlueShield

In its 86th year of service, CareFirst, an independent licensee of the Blue Cross and Blue Shield Association, is a not-for-profit healthcare company which, through its affiliates and subsidiaries, offers a comprehensive portfolio of health insurance products and administrative services to 3.5 million individuals and employers in Maryland, the District of Columbia and Northern Virginia. In 2022, CareFirst invested $24.1 million to improve overall health, and increase the accessibility, affordability, safety and quality of healthcare throughout its market areas. To learn more about CareFirst BlueCross BlueShield, visit our website at and our transforming healthcare page at, or follow us on Facebook, Twitter, LinkedIn or Instagram.