Loretta Gronewold

Loretta Gronewold, CRISC, ISA, PCIP, has over two decades of experience in cybersecurity compliance, currently serving as a Senior Cybersecurity Compliance Analyst in the Office of General Counsel for Privacy & Data Governance at ACT since May 2002. Loretta's expertise includes creating and modifying cybersecurity training materials and planning cybersecurity exercises, such as phishing campaigns. Previous roles at ACT involved managing audit and compliance activities for both Enterprise Information Systems and Corporate Systems, with a focus on regulatory and contract requirements. As a long-time attendee of ISACA conferences and training events, Loretta has engaged in ongoing professional development in the field. Loretta holds a degree from the University of Iowa, completed between 1986 and 1993.