During his 20+ years of experience as a cybersecurity engineer, Tom has assisted organizations in assessing their cybersecurity effectiveness through formal security assessments. Tom has assisted commercial and governmental organizations in implementing security requirements to address risk within their cybersecurity program. Tom is the co-author of ISACA’s guide for implementing the NIST Cybersecurity Framework, which assists organizations in connecting the principles of the Cybersecurity Framework and COBIT 5 to achieve an effective cybersecurity program. Additionally, he was a principal architect in the CMMI Cybermaturity Platform, a self-assessment SaaS tool that helps organizations define a risk informed cybersecurity program.