Michelle Griffith has over 20 years of experience running cybersecurity programs for financial services, consulting, and hospitality companies. In her current role as VP of Business Security and GRC, she has focused on maturing the annual security assessment program for PCI-DSS, SWIFT, SOC1, and SOC2 audits by building control automation, reducing stakeholder impact and improving the quality of evidence submissions. At IHG, Michelle’s also built a cybersecurity risk program that leverages risk quantification to drive the prioritization of resources and budget. Michelle leads a team of Business Information Security Officers who integrate security into high-priority business initiatives, ensuring security is built into products early in the process, reducing the cost of security controls, and minimizing risk. She’s run similar GRC programs at First Data, ChoicePoint and SunTrust (now Truist) bank and built privacy programs in the federal government as a consultant at Deloitte. Michelle has several cybersecurity certifications including CISSP, CISM, CIPP and CGEIT.