Thomas J. DeMayo

Partner, PKF O’Connor Davies Advisory LLC

Thomas DeMayo

Thomas J. DeMayo leads the Firm’s Cybersecurity and Privacy Advisory Group and is responsible for the implementation and design of cybersecurity and privacy related services, internal and external audit programs and testing procedures. He focuses on services relating to threat and vulnerability management, governance, privacy, incident response, business continuity, disaster recovery and computer forensics.

He has 20 years of experience with securing and managing information risk across a wide range of industries including commercial entities, hospitality, not-for-profit, governmental, healthcare, private schools and higher education. He is also a computer forensic specialist and can assist with the acquisition and analysis of data in a forensically sound and legally-approved manner.

Tom specializes in the areas of information threat and vulnerability management, PCI-DSS compliance, SOX 404 IT Controls, HIPAA, COBIT, and ISO 27001. He has helped many organizations achieve their compliance obligations through intensive and meaningful compliance gap analysis, cyber and information security risk assessments, privacy assessments and penetration tests. Tom has also made numerous presentations on cybersecurity before client and industry groups and has written extensively in this area.

Professional Affiliations & Civic Involvement

  • Information Assurance Certification Review Board
  • Information Systems Audit and Control Association
  • International Association of Privacy Professionals
  • International Council of E-Commerce Consultants (EC-Council)
  • International Information Systems Security Certification Consortium (ISC2)
  • New York State Society of Certified Public Accountants (NYSSCPA)


  • CISSP – Certified Information Systems Security Professional
  • CISA – Certified Information Systems Auditor
  • CRISC – Certified in Risk and Information Systems Control
  • CIPP/US – Certified Information Privacy Professional
  • CPT – Certified Penetration Tester
  • MCSE – Microsoft Certified Systems Engineer
  • CEH – Certified Ethical Hacker
  • CCFE – Certified Computer Forensic Examiner
  • CHFI – Certified Hacking Forensic Investigator


  • Wagner College, Bachelor of Science degree, magna cum laude in Computer Science with concentrations in Mathematics and Accounting