Rebecca Herold

The Privacy Professor

CEO, Privacy & Security Brainiacs | Expert Witness & Author

Rebecca Herold, CDPSE, FIP, CISSP, CIPM, CIPP/US, CIPT, CISM, CISA, FLMI, Ponemon Institute Fellow, has over 25 years of IT, info sec, & privacy experience; CEO & Founder (2004) of Rebecca Herold, LLC, aka The Privacy Professor(R); CEO & Founder (2020) of Privacy & Security Brainiacs; and host of the radio/podcast show “Data Security & Privacy with the Privacy Professor” https://www.voiceamerica.com/show/2733/data-security-and-privacy-with-the-privacy-professor. Founder (2014) & Engineer/Architect, and Owner of all IP for content, specifications and architecture of SIMBUS, LLC and all derivatives thereof.

Rebecca is an entrepreneur, author & was an Adjunct Professor for the Norwich University Master of Science in Information Security & Assurance Program for 9 years where she also created program curriculum. Rebecca led the NIST Smart Grid privacy group for 7 years and is a founding member of the IEEE P1912 Privacy and Security Architecture for Consumer Wireless Devices Working Group (June 2015). Rebecca has received numerous awards and recognitions for her work throughout the course of her career. Rebecca has is currently finishing her 20th published book to date, plus chapters in many books and hundreds of articles. Some of Rebecca’s books include:
* Security & Privacy when Working from Home & Travelling
* The Practical Guide to HIPAA Privacy and Security Compliance (2 editions)
* Data Privacy for the Smart Grid
* The Privacy Papers
* Managing an Information Security and Privacy Awareness and Training Program (2 editions)

Rebecca has a B.S. in Math & Computer Science & an M.A. in Computer Science & Education. Rebecca is a longtime member of ISACA, Infragard, IAPP, ISSA, (ISC)2, IEEE & ACM.

Other activities include:
IANS Research Faculty member
NIST IoT Cybersecurity Development SME team member since January, 2020. Supporting development of the NIST 8259 family of controls capabilities documents.

Specialties: Global privacy & security governance & compliance programs; IoT; AI; privacy laws; data flow analysis; privacy impact assessments (PIAs), performing and teaching classes since 2005 for how to perform; data subject access requests (DSARs); incident & breach response; vendor security & privacy management; security & privacy awareness & training; information security & privacy risk assessments; data & systems security engineering