Tod Ferran

Principal Consultant, Coalfire Systems, Inc., Greenwood Village, Colorado

Tod Ferran

Tod Ferran is a Principal Consultant for Coalfire Systems, Inc. with 35 years of IT security experience, he provides security consulting services, risk analysis, risk mitigation strategies, HIPAA and PCI compliance assessments for organizations throughout the United States and across the globe. Prior to joining Coalfire, Ferran was Managing Consultant for HALOCK Security Labs, Ferran was also a Security Analyst for SecurityMetrics, he previously held the president position for several successful managed service providers and directed software and security development teams in the US, India, and the Netherlands.
Professional Background:
Tod Ferran began his career as a ‘C’ programmer and Unix system administrator for Televox/Spectrum Access, then transitioned to a technical management position at Lightspeed/Bell & Howell, overseeing customer system administration (Unix), product release, and product enhancement departments.

Ferran spent 12 years as the CIO & Director of IT for Riverton Motor Co in Utah and Nevada during a period of rapid growth and acquisition, implementing and improving network architecture, overseeing IT security, and aligning IT goals with business objectives.

Ferran filled the role of Global Director of Development for Data2Logistics, overseeing engineers and database administrators in designing and building software products and services.

Serving as the President of the company, Tod helped grow a start-up technology outsource fulfillment company in Northern Utah for nearly 3 years, managing the completion of a new datacenter and directing a datacenter renovation for a large nonprofit organization.

From there, Ferran joined SecurityMetrics, starting as an IT security auditor in 2011. He performed PCI compliance auditing and security consulting for companies around the globe. During SecurityMetrics initial development of a HIPAA compliance product, Ferran took the initiative to craft HIPAA Security Rule policy templates and thorough Risk Analysis compliance procedures.

He took a quick detour to turn around a financially distressed company, Integratechs, Inc. As President of the company he filled the sales pipeline through reorganizing the sales team and by creating the vision of what the company could become. Eventually, he restructured the company, allowing it to be sold in 2013 at which time Ferran returned to SecurityMetrics.

Ferran joined the team at Coalfire in September of 2021 performing PCI compliance audits for organizations around the world.


Speaking Experience:
Ferran has spoken more than 25 times in the last 12 years.

His onsite speaking engagements include the CampIT Conference, Workgroup for Electronic Data Interchange (WEDI) Annual Conference, ISC2 CyberSecure Gov Annual Conference, Society of Corporate Compliance and Ethics (SCCE) Conference, American Society for Healthcare Risk Management (ASHRM) Conference, American Association of Orthopedic Executives (AAOE) Annual Conference, American Academy of Professional Coders (AAPC) Healthcon, South Carolina Primary Health Care Association (SCPHCA) Conference, Practice Management Institute (PMIMD) Annual Conference, Utah Valley University Lecture Series, Utah Health Information Network (UHIN) Regional Conferences, and Professional Association of Health Care Office Management (PAHCOM) Conferences.

His topic list is extensive, but mainly ranges across PCI DSS, IT security, network vulnerabilities, and HIPAA.

Speaker Intro:
Tod Ferran is a Mensan, and a Principal Consultant for Coalfire Systems, Inc. with 35 years of IT security experience. In addition to many speaking engagements and webinars, he provides security consulting, risk analysis assistance, risk mitigation strategies, as well as HIPAA and PCI compliance assessments for organizations throughout the US and across the globe.

Mr. Ferran has conducted over 100 IT security audits.

His credentials include membership in Mensa, PCI Qualified Security Assessor, ISO 27001 Lead auditor and is a Certified Information Systems Security Professional (CISSP).