Thomas Franke

CISO | AI risks & cybersecurity | Governance & Compliance | Human-centred Security Culture | Resilient organisations | Advisor to supervisory boards | Industry, high technology & critical

Cologne Bonn Region

About

As a CISO and security manager, I have a wealth of experience working with international companies, high-tech industries and security-related organisations. In my roles at ZEISS SMT and previously at KUKA, I have formulated international security and data protection strategies, established global security organisations and successfully integrated complex regulatory requirements into everyday operations. My primary focus is on designing security, governance and compliance measures that benefit the business rather than hinder it. One of my key competencies is the harmonisation of complex and diverse corporate structures. I have experience of working across different business areas, maturity levels and cultures, and I am able to provide a consistent and robust level of security and governance. I am able to exercise sound judgement, clarity and assertiveness. I also have experience in sensitive and potentially conflict-laden issues, such as pre-employment and employee screening or regulation-intensive transformations. In doing so, I liaise closely with the board, human resources, works councils, compliance departments and external authorities to find solutions that are legally compliant, responsible and culturally compatible. As a graduate in business law, I combine legal expertise with technical knowledge. This combination enables me to consistently manage international requirements (EU, USA, China) and navigate companies safely through rapidly changing regulatory environments – especially with regard to AI, digitalisation and geopolitical risks. I specialise in identifying roles where information security, technology and governance are strategically intertwined, and where sustainable security architectures deliver quantifiable benefits to corporate success.

Experience

  • Manager Security at HENSOLDT
    May 2026 - Present · 2 mos

  • Head of Information Security at ZEISS Semiconductor Manufacturing Technology
    Jun 2023 - Apr 2026 · 2 yrs 11 mos

    Holistic information security – product security, IT/OT security, physical security, supply chain security, security governance, insider threats (PES/IES)

  • Head of Information Security (CISO) and Data Privacy (DPO) KUKA Group at KUKA
    Jan 2017 - May 2023 · 6 yrs 5 mos

  • ZF Group (Friedrichshafen, Baden-Württemberg, Deutschland)
    • Manager Information Protection
      Jun 2014 - Dec 2016 · 2 yrs 7 mos

      Protecting information – regardless of whether it is in digital, printed or verbal form – from unauthorised access, misuse, manipulation, destruction or loss in order to ensure the ability to act and the trustworthiness of companies.

    • Manager Physical Security and Information Protection
      Jun 2011 - May 2014 · 3 yrs

  • Referent/ Analyst at Bundeswehr / AMK
    Sep 2007 - Jun 2011 · 3 yrs 10 mos

    Preparation of analyses, reports and presentations for the management team and BKAmt