How Boards Can Address the Security Risks of Over-Confidence
Sep 21, 2023

Greg Michaels is the global head of governance and strategy in Kroll's Cyber Risk practice, based in Secaucus. In this role, Greg partners with clients at the strategic and operational level to build proactive information security programs, helping them to comply with regulatory requirements and minimize enterprise risk. Greg works with clients of all sizes across industries and has deep experience collaborating across functional units and communicating complex technical matters in plain spoken terms to executive stakeholders.
Greg has particularly deep experience helping healthcare organizations enhance their security, privacy, and compliance programs, enabling them to navigate the complex regulatory landscape and emerging global threats.
Prior to joining Kroll, Greg worked as Chief Security Officer for BluePrint Healthcare IT, where he led the Security, Privacy, and Compliance practice for more than five years. Earlier in his career, Greg worked as an Information Security Analyst for i3 Global (United Health Group), and as a Network and Security Administrator for PXRE Group, Ltd.
Greg is an active participant in HIMSS, NJ-HIMSS, HFMA, and ISACA, and is a frequent speaker at security and privacy conferences.
M.S., Network Security (Information Assurance), Capitol College
B.S., Biological Sciences, Rutgers University
PCI Qualified Security Assessor (QSA)
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Systems Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Business Continuity Professional (CBCP)
Project Management Professional (PMP)
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Our data privacy and compliance experts translate the technical into practical and cut through less-than-specific legal requirements to navigate the complex compliance with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).