Board of Advisers
Our exclusive board of advisers guides this site’s coverage of security, fraud, privacy, risk management
and other key issues. These experts provide input about the latest hot topics and contribute insight for news
coverage, podcast interviews and guest blogs. They regularly offer expert advice about regulatory compliance and the
current threat landscape, as well as provide insights about risk management strategies and security technologies.
Vice President, Experian Data Breach Resolution
Michael Bruemmer is Vice President, ExperianÂ® Data Breach Resolution at Experian Consumer Services, the leading provider of online consumer credit reports, credit scores, credit monitoring, other credit-related information, and protection products. With more than 25 years in the industry, Michael brings a wealth of knowledge related to business operations and development in the identity theft and fraud resolution space where he has educated businesses of all sizes and sectors through pre-breach and breach response planning and delivery, including notification, call center and identity protection services.
former Regulator, U.S. Department of Health and Human Services; Partner, Davis Wright Tremaine LLP
Greene is a partner in the Washington, D.C. office of Davis Wright Tremaine and co-chair of its Health Information Group. He primarily counsels health care providers, technology companies, and financial institutions on compliance with the HIPAA privacy, security, and breach notification rules. Previously, Greene was a regulator at the U.S. Department of Health and Human Services, where he played a fundamental role in administering and enforcing the HIPAA rules. At HHS, he was responsible for determining how HIPAA rules apply to new and emerging health information technologies and was instrumental in the development of the current HIPAA enforcement process. Greene is the Chair of the HIMSS Cloud Security Workgroup and is a frequent speaker and author on health information privacy and security issues.
Rebecca Herold is President of SIMBUS LLC, a cloud-based privacy and security firm and also CEO of The Privacy Professor, a consultancy. She is also author of 19 books on information security and privacy.
Co-Founder and CEO, CynergisTek, Inc.
McMillan is co-founder and CEO of CynergisTek Inc., a firm specializing in information security and regulatory compliance. He has more than 30 years of federal and private sector experience in managing and delivering information security services and is chair of the HIMSS Privacy and Security Steering Committee.
Partner, Co-Chair - Data Protection, Privacy & Access to Information (US), Norton Rose Fulbright
David Navetta is a U.S. Co-Chair of Norton Rose Fulbright's Data Protection, Privacy & Cybersecurity practice group. Navetta focuses on technology, privacy, information security and intellectual property law. His work ranges from compliance and transactional work to breach notification, regulatory response and litigation. Navetta has served a wide range of clients from large Fortune 500 multinationals, retailers, healthcare companies and financial institutions, to sophisticated technology companies, traditional brick-and-mortar companies, energy companies and startups. He is a Certified Information Privacy Professional through the International Association of Privacy Professionals and previously served as a Co-Chair of the American Bar Association's Information Security Committee.
Partner, Cybersecurity, Information Governance and Privacy, and Financial Services Litigation Practices, Troutman Sanders
Raether leads the Cybersecurity, Information Governance and Privacy practice group at Troutman Sanders, and is a partner in the firm's Financial Services Litigation group. Raether is known as the interpreter between businesses and information technology, and has assisted companies in navigating federal and state privacy laws for more than 20 years. His understanding of technology led him to be involved in legal issues that cross normal law firm boundaries, including experience with data security, data privacy, patent, antitrust, and licensing and contracts. This experience allows him to bring a fresh and creative perspective to data compliance issues with the knowledge and historical perspective of an industry veteran.