Vice President, Stroz Friedberg Digital Forensics & Incident Response, Aon
Heather is a Vice President for Stroz Friedberg’s Houston office where she leads a wide variety of engagements, including data breach/incident response matters, complex digital forensics investigations, security risk assessments, and cyber due diligence investigations.
Since joining Stroz Friedberg in 2018, Heather has led and managed some of the firm's most complex incident response engagements, including the largest healthcare ransomware event in U.S. history which was perpetrated by threat actors during the COVID pandemic. Heather has also managed the ransomware response engagements involving the shutdown of operations of a national food supplier, manufacturing plant and several energy producers. She regularly works with outside counsel to assist clients with regulatory inquiries as a result of the theft of data by organized cyber criminals.
In addition, Heather assists clients with incident response plan development, cyber threat tabletop exercises, and she has led multiple enterprise risk assessments of clients' information security maturity, along with penetration tests, physical security assessments, background investigations, deep and dark web intelligence gathering and M & A cyber due diligence investigations.
Heather also works closely with cyber brokers to advise clients on cybersecurity best practices before the underwriting process.
Heather is a testifying expert on HIPAA privacy and security laws, and she manages privacy compliance services including PII and HIPAA risk assessments for healthcare clients across the country.
Prior to joining Stroz Friedberg, Heather was the HIPAA Privacy Officer for a national litigation support company for over eleven years. In that capacity, Heather created and implemented a nationwide HIPAA privacy and security program in compliance with federal and state regulations. Prior to her legal experience, Heather was a healthcare social worker and risk manager in behavioral health.
Heather is a frequent speaker and author on topics related to Cybersecurity Best Practices, HIPAA, and Data Breach Laws. She has been published in US LAW Magazine and The Rocky Mountain Mineral Law Foundation Journal and she was recently appointed by the Texas Bar President to be part of the Texas Bar Artificial Intelligence Task Force for 2024.