Thomas Graham

IANS Faculty

Dr. Thomas Graham, Ph.D., serves as the VP and Chief Information Security Officer (CISO) at Redspin, a top cybersecurity, and privacy consulting firm, the first authorized C3PAO, and one of the first organizations to conduct a DIBCAC High assessment under the Joint Surveillance Program. Dr. Graham is the architect of Redspin becoming the first authorized C3PAO, performing numerous Joint Surveillance Voluntary Assessment Program (JSVAP) assessments, speaking on CMMC and NIST requirements, and Chairing the MIS Advisory Board at East Carolina University.

He is responsible for all internal security items for Redspin and its affiliates. Before Redspin, he served as the CISO for CynergisTek, a publicly traded company, supporting numerous Hospitals and Medical Facilities. He also as supported varous branches of the DoD to include being an ISSO for DISA.

  • CMMC
  • Vulnerability Management
  • Policy and Procedure
  • Incident Response
  • Azure Security Configuration

Achievements & Contributions

Dr. Graham has supported the Defense Health Agency (DHA), where his team received a FedHealthIT award for Innovation, presented to them at the National Press Club in Washington, DC. He has also received official Naval Commendations, and the Captain Joan Dooling Award for operational excellence.

Certifications & Credentials

  • CCA
  • CCP
  • Security+
  • CEH
  • Six Sigma Greenbelt

Hobbies & Fun Facts

Dr. Graham has troubleshot almost every natural disaster possible while travelling internationally over his career. In his downtime, Dr. Graham enjoys collecting comics and helping advise numerous cybersecurity students.