Thomas Graham

IANS Faculty

Expertise

  • CMMC
  • Vulnerability Management
  • Policy and Procedure
  • Incident Response
  • Azure Security Configuration

Profile

Dr. Thomas Graham, Ph.D., serves as the VP and Chief Information Security Officer (CISO) at Redspin, a top cybersecurity, and privacy consulting firm, the first authorized C3PAO, and one of the first organizations to conduct a DIBCAC High assessment under the Joint Surveillance Program. Dr. Graham is the architect of Redspin becoming the first authorized C3PAO, performing numerous Joint Surveillance Voluntary Assessment Program (JSVAP) assessments, speaking on CMMC and NIST requirements, and Chairing the MIS Advisory Board at East Carolina University.


He is responsible for all internal security items for Redspin and its affiliates. Before Redspin, he served as the CISO for CynergisTek, a publicly traded company, supporting numerous Hospitals and Medical Facilities. He also as supported varous branches of the DoD to include being an ISSO for DISA.

Expertise

  • CMMC
  • Vulnerability Management
  • Policy and Procedure
  • Incident Response
  • Azure Security Configuration

Qualifications

Achievements & Contributions
Dr. Graham has supported the Defense Health Agency (DHA), where his team received a FedHealthIT award for Innovation, presented to them at the National Press Club in Washington, DC. He has also received official Naval Commendations, and the Captain Joan Dooling Award for operational excellence.
Certifications & Credentials
  • CCA
  • CCP
  • CMMC PI
  • CISSP
  • HCISPP
  • Security+
  • CEH
  • Six Sigma Greenbelt

Portal Publications