 |
Rebecca Herold, CISSP, CISM Rebecca Herold, LLC Tel: (515) 996-2199 • Author |
Over two decades of information security, privacy and compliance expertise, twice named Best Privacy Adviser, “The Privacy Professor”®.
Background
Rebecca Herold is an independent information privacy, security
and compliance consultant, author and instructor. Rebecca has over 16
years of compliance, privacy and information security experience, and
assists organizations of all sizes with their information privacy, security
and regulatory compliance programs. She specializes in risk assessment,
gap analysis, policy content development, awareness and training, strategy
development and implementation. Rebecca is also an adjunct professor for
the Norwich University Master of Science in Information Assurance (MSIA)
program. Rebecca has a B.S. in Math and Computer Science and an M.A. in
Computer Science and Education.
Rebecca authored The Privacy Papers (Auerbach) in 2001, co-authored The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach) in 2003, authored Managing an Information Security and Privacy Awareness and Training Program (CRC Press) published in 2005, and The Privacy Management Toolkit (Information Shield) published in 2005. Rebecca has also authored two e-books through realtimepublishers.com (The Business Executive Practical Guides to Compliance and Security Risks book series and The Definitive Guide to Security Inside the Perimeter), chapters for several books, has written a monthly column in the Computer Security Institute Alert newsletter since late 2000, and writes often for other various publications. Rebecca speaks often at conferences and developed and teaches the two-day Managing a Privacy Governance Program workshop for the Computer Security Institute.
Rebecca is a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), a Certified Information Systems Manager (CISM), and a Fellow of the Life Management Institute (FLMI). Rebecca has been a member of the Information Systems Audit and Control Association (ISACA) since 1990 and has held all board positions throughout her membership in the Iowa chapter. Rebecca is a charter member of the Iowa InfraGard chapter that was formed in 2000, and a member of the International Association of Privacy Professionals (IAPP). Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group which was awarded the CSI Outstanding Security Program of the Year Award in 1997.
Prior to owning her own business, Rebecca served in key privacy and security roles at several companies. She was Vice President, Privacy Services and Chief Privacy Officer at DelCreo, Inc. where she created information security and privacy policies, standards and procedures for multiple Fortune 500 organizations. There she developed her Privacy Impact Analysis (PIA) method used by companies to determine gaps in their privacy practices and organization processes.
Prior to DelCreo, Rebecca was Chief Privacy Officer and Senior Security Architect for QinetiQ Trusted Information Management, Inc. (Q-TIM). Prior to joining Q -TIM, Rebecca was the Global Security Practice Central Region Security Subject Matter Expert for 2 years at Netigy, and before that Rebecca was Senior Systems Security Consultant at Principal Financial Group.