Thomas DeMayo

Thomas DeMayo

Principal , Cyber Risk Management Group

Thomas DeMayo is a Principal in the Cyber Risk Management Group of the Firm and is responsible for the implementation and design of the Firm’s cyber security service client offerings, internal and external audit programs and testing procedures. His cyber security services relate to threat and vulnerability management, governance, privacy, incident response, business continuity, disaster recovery and computer forensics.

He has extensive experience with securing and managing information risk across a wide range of industries including commercial entities, hospitality, not-for-profit, governmental, healthcare, private schools and higher education. He is also a computer forensic specialist and can assist with the acquisition and analysis of data in a forensically sound and legally-approved manner

Tom specializes in the areas of information threat and vulnerability management, PCI-DSS compliance, SOX 404 IT Controls, HIPAA, COBIT, and ISO 27001. He has helped many organizations achieve their compliance obligations through intensive and meaningful compliance gap analysis, cyber and information security risk assessments, privacy assessments and penetration tests.  He has also made numerous presentations on cyber security before client and industry groups and has written extensively in this area.