Tom is a partner in his firm and has more than 20 years of experience in the cybersecurity industry. He leads cybersecurity compliance services and specializes in consulting with Fortune 1000 and large enterprise assessment and strategic compliance program consulting.

Tom is one of the earliest CMMC Provisional Assessors and is the leader of the firm’s CMMC advisory team, having led FORVIS, LLP to become the sixth Authorized C3PAO firm in the country. He has provided NIST 800-171 and CMMC consulting services to multiple Fortune 500 prime defense contractors, and has led seven of the earliest NIST 800-171 Joint Surveillance Voluntary Assessments (JSVA)s with early adopters of the CMMC initiative.

In addition to significant experience with NIST 800-171 and CMMC, Tom leads the PCI QSA, ISO 27001, and NIST CSF consulting practices at FORVIS. He has been published in national publications and is a regular speaker on cybersecurity and privacy topics at various industry events.