During his 17 years of experience as a cybersecurity engineer, Tom has assisted organizations in assessing their cybersecurity effectiveness through formal security assessments using industry standards such as NIST SP 800-53, ISO 27001, HIPAA, SOC2, and the Cybersecurity Framework. Tom has assisted dozens of commercial and governmental organizations in implementing security requirements to address risk within their cybersecurity program. Tom is the co-author of ISACA’s guide for implementing the NIST Cybersecurity Framework, a book that assists organizations in connecting the principles of the Cybersecurity Framework and COBIT 5 to achieve an effective cybersecurity program. Additionally, he was a principal architect and subject matter expert in the development of the CMMI Cybermaturity Platform, a self-assessment SaaS tool that helps organizations identify a risk-informed cybersecurity program and track their progress as the program is implemented.
Conference Track: Building Resilience Through Greater Cybersecurity Capability
Evolving technologies, threats, and business priorities require cybersecurity programs to continually change and improve. CISOs, CROs, CSOs, and CIOs must understand where the cybersecurity program is today, as well as the business risks that need to be addressed, to enable productive evolution and keep their program on track. Having a plan, while critically important, is only the start of the continual journey of cybersecurity improvement. Effectively measuring and monitoring your progress will ensure your program remains on track and adapts as necessary. During this session, we’ll discuss methods for measuring capabilities, tracking progress, and maintaining your target goals to keep your cybersecurity program on track and ensure business success.