Cybersecurity and Healthcare Data Speaker Bios

John Guerriero

John Guerriero
Senior Policy Analyst
Homeland Security & Public Safety

John Guerriero serves as a senior cybersecurity policy analyst on the Homeland Security & Public Safety team of NGA’s Center for Best Practices, where he supports Governors’ staff and state policymakers on issues related to cybersecurity, including governance, workforce development, and election security. Prior to joining the homeland security team at NGA, John focused on workforce development, including registered apprenticeship and occupational licensing, as a part of NGA’s Economic Opportunity team. John holds a master’s degree in public policy and a bachelor’s degree in political science from the University of Michigan.

John Riggi
Senior Advisor for Cybersecurity and Risk
American Hospital Association

John Riggi, having spent nearly 30 years as a highly decorated veteran of the FBI, serves as the first senior advisor for cybersecurity and risk for the American Hospital Association and their 5000+ member hospitals. John leverages his distinctive experience at the FBI and CIA in the investigation and disruption of cyber threats, international organized crime and terrorist organizations to assist on policy and advocacy issues and provide trusted advisory services for the nations’ hospitals and health systems. His trusted access to hospital leadership and government agencies enhances John’s national perspective and ability to provide uniquely informed risk advisory services.

John represented the nation’s hospitals in testimony provided to the Senate Homeland Security Committee hearing on cyber threats to hospitals in Dec. 2020. John also served as the nation’s hospital representative to the FCC hospital robocall protection group which made final recommendations on reducing unlawful robocalls to hospitals in Dec. 2020. John initiated and co-led a national HHS/healthcare sector task group to develop resources to assist the field in managing cyber risk as an enterprise risk issue. John launched a national campaign with the AHA and government agencies to help members protect medical research against foreign threats.

In various leadership roles at the FBI, John served as a representative to the White House Cyber Response Group and a senior representative to the CIA and was the national operations manager for terrorist financing investigations. John also led counterintelligence field surveillance programs in Washington DC and financial crimes and terrorist financing squads in New York City. John ultimately rose to the ranks of the Senior Executive Service and in that capacity led the FBI Cyber Division national program to develop mission critical partnerships with the healthcare and other critical infrastructure sectors. John held a national strategic role in the investigation of the largest cyber-attacks targeting healthcare and other sectors.


Federal Health, Federal Civilian Division, Chief Information and Security Officer
General Dynamics Information Technology

Melina Scotto is the Federal Health Chief Information Security Officer for GDIT and leads cyber-risk reduction across over 150 contracts and supports 100 cybersecurity engineers and analysts at FDA, NIH, HHS, CMS, IHS and CDC. Melina holds current CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional), CEH (Certified ethical hacker) and CISA (Certified Information System Auditor) credentials. Her professional concentration is in Federal, international and domestic health care data security and privacy regulations as well as general FISMA requirements.

In 2004, Melina secured global health systems providing anti-retroviral drugs to PEPFAR countries with John Snow Inc. where she worked primarily in network security administration. She configured PKI for Linux servers and managed Cisco VoIP systems for a nationwide telecommunications project. In 2009, Melina moved from international HIV work to domestic healthcare at George Washington Medical Faculty Associates. In 2012, Melina moved to National Institutes of Health (NIH) where she held several security posts. Currently, she leads a team of 14 security engineers and auditors for National Cancer Institute where projects move quickly, and data must be secured for FISMA compliance using NIST SP 800-53 rev 4 technical controls, NIST Cybersecurity framework and Department of Homeland Security Continuous Diagnostics and Mitigation (DHS/CDM) requirements both on-premises and in FedRAMP cloud environments.

A Maryland resident and lifelong Orioles fan. When not securely linked into a server, Melina enjoys volunteering with the Girl Scouts of the Nation’s Capital and local children’s classical choirs.