SecureWorld Healthcare Virtual Conference 2024

Rebecca Herold has more than 30 years of security, privacy, and compliance experience. She is founder of The Privacy Professor Consultancy (2004) and of Privacy & Security Brainiacs SaaS services (2021) and has helped hundreds of clients throughout the years. Rebecca has been a subject matter expert (SME) for the National Institute of Standards and Technology (NIST) on a wide range of projects since 2009, including: seven and a half years leading the smart grid privacy standards creation initiative, and co-authoring those informative references and standards; two years being a co-author of and a SME member of the team that created the Privacy Framework (PF) and associated documents; and three years as a SME team member, and co-author of the Internet of Things (IoT) technical and non-technical standards and associated informative references; and performing throughout the years proof of concept (PoC) tests for a variety of technologies, such as field electricity solar inverters, PMU reclosers, and associated sensors. Rebecca has served as an expert witness for cases covering HIPAA, privacy compliance, criminals using IoT devices to track their victims, stolen personal data of retirement housing residents, tracking apps and website users via Meta Pixels and other tracking tech, and social engineering using AI. Rebecca has authored 22 books, and was adjunct professor for nine and a half years for the Norwich University MSISA program. Since early 2018, Rebecca has hosted the Voice America podcast/radio show, Data Security & Privacy with the Privacy Professor. Rebecca is based in Des Moines, Iowa, USA. www.privacysecuritybrainiacs.com

Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

A 20+ year information security veteran, Ian has served in many leadership positions to include CIO/CISO. Ian also led a multi-billion dollar mission charged with developing and operating advanced cyber capabilities for the Undersecretary of Defense (Intelligence), the DoD Chief Information Officer, and the Secretary of the Air Force. In this role he led high impact global teams and advised the US Congress and Executive Branch, resulting in a coordinated, funded national approach to resolve the highest cyber concerns of Government leadership. In the financial sector, Ian has led strategic capabilities to protect critical infrastructure from cyber-attack.

Kevin is the System Director of Security Operations at Main Line Health, a mid-sized hospital system in Suburban Philadelphia, where his team oversees all non-GRC aspects of information security. He has more than a decade of information security experience and is a licensed attorney in Pennsylvania and New Jersey. He currently holds a CISSP certification as well as a CIPP/US certification. Kevin went to the College of the Holy Cross in Worcester, MA, for undergrad with a degree in Philosophy, and attended the Villanova University School of Law.

Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). Was honored as top 100 professionals in the Information Security field by Strathmore's for 2014. Member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.

Matthew Maynard a seasoned cybersecurity professional with a wealth of experience in IT security and incident response. Currently serving as an IT Security Incident Response Analyst at BJC HealthCare, Matthew specializes in monitoring operations, networks, and infrastructure for security issues. His expertise extends to ethical hacking, penetration testing, and providing strategic leadership in various healthcare and corporate settings. With a diverse skill set encompassing CISSP, CASP+, and more, Matthew is dedicated to fortifying digital landscapes against emerging threats.

Kenneth Moras is a recognized leader in the cybersecurity Governance, Risk, and Compliance (GRC) space, with extensive experience in building GRC teams from the ground up at Plaid and scaling large GRC programs at notable organizations such as Meta and Adobe. His expertise also extends to cybersecurity consulting for Fortune 500 companies during his tenure at KPMG. He holds various certifications, including CISSP, CISA, ISO 27001 LA, CDPSE, CEH, CHFI, and CCNA. Kenneth enjoys staying up-to-date with offensive strategies used by attackers and building proactive risk management programs that serve as business enablers.

Violet Sullivan leads cyber consulting services at Crum & Forster. She works with insurance carriers, trade associations, and individual business clients from around the world providing expert guidance on cybersecurity threat management and response. She represents Crum & Forster within the legal, insurance, and risk management channels to develop long-term relationships, recurring revenue, and new business growth. Ms. Sullivan is a licensed attorney in Texas and Pennsylvania and a Certified Information Privacy Professional (CIPP/US), with her JD and MBA degrees from Baylor University. In addition to her full-time role, Violet serves as a professor of Cybersecurity & Privacy Law for Baylor Law School’s LL.M. Degree in Litigation Management, the first of its kind nationwide. Her diverse practice experience at both the individual and policy levels has prepared her for developing new tools and approaches to solving what is fast-becoming a pervasive and costly challenge in modern industry: how to respond to a cybersecurity incident.

Early in her career, Violet worked on the incident responses for some of the largest and most notable data breaches to date, including: Home Depot, Sony, and Anthem. Her experience in managing scaled breach responses led to her expertise and proficiency in proactively preparing organizations for cyber incidents. In the past eight years, she has facilitated over 450 cyber incident simulations (tabletops) for public and private sector companies, including many Fortune 100 companies.

As a cybersecurity and privacy attorney, Violet provides consulting services to respond to the needs of various cybersecurity programs. She reviews and develops customized incident response plans to ensure organizations are prepared to respond efficiently and effectively to a data breach. Violet also helps improve internal coordination by facilitating customized tabletop simulations focused on "pressure-testing" an organization's incident response procedures and protocols. Each of these customer-facing services mentioned has been built and developed for the purpose of creating long-standing relationships that turn to Violet for guidance, referrals, questions, and future projects.

As a cybersecurity and privacy professor, Violet developed the entire curriculum for an innovative course on cybersecurity and privacy law for licensed attorneys working toward their LL.M. degree. The specific focus on litigation management has made Sullivan’s course and her lecture series uniquely valuable to experts across the United States.

Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

Ms. Haywood brings a highly diverse skill set to businesses. For more than 17 years, prior to moving into Security, she specialized in Human Resources, Business Development, Risk Strategy, Contracts Management, and Program Audit. Combined with her eight years in Security Governance, Risk & Compliance, she is considered a multi-talented leader, supporting Fortune 500 companies and government organizations in an array of industries (e.g., Healthcare, Education, Financial, Federal, Technology). Ms. Haywood's knowledge and experience of security frameworks, governance standards (such as NIST 800-53, SOC1/2 Type 2, ISO 27001:2013, HIPPA-HITECH, PCI), and risk methodologies have led to her success in program development, management, and audits for companies. This applied skillset has resulted in a savings of more than $1.1 million in potential contract losses. Additionally, she’s designed and developed a Medical Device Cybersecurity program for one of the largest Healthcare organizations in the Dallas-Ft. Worth region of Texas. Ms. Haywood holds a certificate as a Cyber Security Practitioner.

Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

VJ Viswanathan is a seasoned technology executive recognized and awarded for innovation, business capability transformation, and thoughtful mentorship. Most recently, VJ is the founding partner at CYFORIX, a global cybersecurity research, advisory, and strategic consulting firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized advisory firm focused on analytics, automation, and convergent technologies. VJ is the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social, and defense.

With more than 25 years of pioneering enterprise technology, cybersecurity, privacy, and compliance & risk management experience, VJ has a detailed track record of designing, implementing, and leading highly successful programs, products, and services at multinational Fortune 100 brands spanning CPG, telecom, media, supply chain, healthcare, and finance segments. As a strategic thought leader, VJ has delivered the first of its kind "Supply Chain Security" & “Omni-channel Risk Management” frameworks. As a published author and featured keynote speaker at global industry events, he approaches disruptive digital paradigms with innovation, creativity, and active collaboration with his key industry peers, researchers, national & international law enforcement, and defense groups.

VJ is an active mentor at various incubators and accelerators groups, serves as an advisory board member for growth stage companies. As a strategic adviser to VC & PE firms, he specializes in developing market analysis, competitive product road maps, and guides in opportunity mapping. As a board member and subject matter advisor to CEOs and corporate directors, VJ evaluates and audits enterprise technology and cybersecurity programs for veracity and operational effectiveness.

VJ is passionate about animal rights and giving back to the technology and security industry. He has created a rescue and foster care group for large breed dogs. He is actively engaged with academic institutions and purpose-driven professional groups like Minorities in Cyber Security, where he serves as a board member and chair of mentorship programs to develop the next generation talent through coaching and facilitating scholarships for technology and cybersecurity education.

David focuses on complex cyber, privacy, technology, and professional liability issues and is a dedicated and fierce advocate for his clients.

Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Prior to The Anschutz Corporation, he served as the CISO at Gates Corporation, where he was responsible for the company's data security, risk, and global compliance initiatives. Before that, he was CISO at TeleTech, where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which included many Fortune 500 companies.

Sam has also been the Chief Security Officer, Head of Application Security, and Head of Security Research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA), and a member of the Anti-Phishing Working Group (APWG).

Violet Sullivan works with insurance carriers, trade associations, and individual business clients from around the world providing expert guidance on cybersecurity threat management and response. She represents Crum & Forster within the legal, insurance, and risk management channels to develop long-term relationships, recurring revenue, and new business growth. Ms. Sullivan is a licensed attorney in Texas and Pennsylvania and a Certified Information Privacy Professional (CIPP/US), with her JD and MBA degrees from Baylor University. In addition to her full-time role, Violet serves as a professor of Cybersecurity & Privacy Law for Baylor Law School’s LL.M. Degree in Litigation Management, the first of its kind nationwide. Her diverse practice experience at both the individual and policy levels has prepared her for developing new tools and approaches to solving what is fast-becoming a pervasive and costly challenge in modern industry: how to respond to a cybersecurity incident.

Early in her career, Violet worked on the incident responses for some of the largest and most notable data breaches to date, including: Home Depot, Sony, and Anthem. Her experience in managing scaled breach responses led to her expertise and proficiency in proactively preparing organizations for cyber incidents. In the past eight years, she has facilitated over 450 cyber incident simulations (tabletops) for public and private sector companies, including many Fortune 100 companies.

As a cybersecurity and privacy attorney, Violet provides consulting services to respond to the needs of various cybersecurity programs. She reviews and develops customized incident response plans to ensure organizations are prepared to respond efficiently and effectively to a data breach. Violet also helps improve internal coordination by facilitating customized tabletop simulations focused on "pressure-testing" an organization's incident response procedures and protocols. Each of these customer-facing services mentioned has been built and developed for the purpose of creating long-standing relationships that turn to Violet for guidance, referrals, questions, and future projects.

As a cybersecurity and privacy professor, Violet developed the entire curriculum for an innovative course on cybersecurity and privacy law for licensed attorneys working toward their LL.M. degree. The specific focus on litigation management has made Sullivan’s course and her lecture series uniquely valuable to experts across the United States.