Thomas J. DeMayo leads the Firm’s Cybersecurity and Privacy Advisory Group of the Firm and is responsible for the implementation and design of cybersecurity and privacy related services, internal and external audit programs and testing procedures. He focuses on services relating to threat and vulnerability management, governance, privacy, incident response, business continuity, disaster recovery and computer forensics.
He has 20 years of experience with securing and managing information risk across a wide range of industries including commercial entities, hospitality, not-for-profit, governmental, healthcare, private schools and higher education. He is also a computer forensic specialist and can assist with the acquisition and analysis of data in a forensically sound and legally-approved manner.
Tom specializes in the areas of information threat and vulnerability management, PCI-DSS compliance, SOX 404 IT Controls, HIPAA, COBIT, and ISO 27001. He has helped many organizations achieve their compliance obligations through intensive and meaningful compliance gap analysis, cyber and information security risk assessments, privacy assessments and penetration tests. Tom has also made numerous presentations on cybersecurity before client and industry groups and has written extensively in this area.