Author - Roy Mellinger
Roy Mellinger is vice president of information technology security and chief information security officer at WellPoint, overseeing a department of 150 information security and risk management professionals responsible for protecting WellPoint's computer systems, technical infrastructure and information assets. As CISO he is the decision-maker on all corporate information security matters, and establishes security policy and standards for products and systems throughout the organization. He is also responsible for IT risk management and overseeing information technology incident response, cyber-investigation and computer forensic programs.
Mr. Mellinger joined WellPoint in March 2009 bringing 30 years of experience in developing and managing best-in-class physical, logical and information security programs for domestic and international business operations. Prior to joining WellPoint, he served in executive security leadership positions for Sallie Mae, GE Capital, Heller Financial, Household International, Inc. and Spiegel. Before beginning his career in the private sector, Mr. Mellinger worked in the government sector, assigned to both Intelligence and Law Enforcement operations, where he held top-level security clearances and specialized in communications and operational security.
Mr. Mellinger has extensive experience establishing organizational governance structures, risk based operational models, and operational security protocols and programs. He is a Certified Information Systems Security Professional (CISSP), with advanced certifications in Information Security Architecture and Information Security Management. He completed the Project Management Professional (PMP) and Six Sigma Black Belt training and certification programs. He is on the board of directors for HITRUST (The Health Information Trust Alliance) and for NPower Indiana, and is on the advisory board for The Lares Institute.
He is a frequent guest lecturer and keynote speaker on cyber security and information security management best practices. In 2012 he was invited to the White House on several occasions to work with President Obama administration officials, members of the National Security Council, and other federal agency officials on improving government – public sector cooperation on cyber security threats; the President’s National Strategy for Trusted Identities in Cyberspace (NSTIC); and to provide comment during the drafting of Executive Order 13636, Improving Critical Infrastructure Cyber Security issued by President Obama into law on February 12, 2013