With more than 20 years of hands-on technical and executive leadership experience in IT Security Architecture & Technology, Security Operations Centres (SOC), Managed Security Services (MSSP), Information Security Strategy and Governance (CISO), Incident Response and OT Security, Tom is convinced that you can make Cyber Security working for you as a gain instead of a pain.
Prior to his current role as co-founder and managing partner at Cybervalue, Tom was technical operations executive and CISO at a dedicated security ‘scale-up’ in London focused on providing Managed Detection and Response services. Before that, Tom was CISO at Worldline and performed strategic consulting roles at both HPE and IBM. Tom led Verizon’s global consulting practice focused on security analytics, SOC, SCADA/ICS protection and threat management solutions.
What does Tom do?
At Cybervalue, Tom advises customers on their cyber security strategy by looking at what security controls and risks they have today and help create a security roadmap in line with their security requirements and desired risk posture. He also helps customers with the acquisition and implementation of these security solutions and services. Besides that, he helps customers prepare for and respond to cyber incidents, helps improve security in industrial control environments and serves as CISO-ad-interim.
Next to helping end-customers, we advice service providers on improving their security offering and provide due-diligence to venture capital firms that are looking to invest in service providers.
Tom at the Data Protection Institute
Tom has a deep technical and strategical understanding in cybersecurity topics which means he can bring real hands-on experience in the courses he deliver for DPI along with his colleague Gert Van den Poel.
“He who defends everything, defends nothing” is a quote by Frederik The Great. For me it means no IT Security team can monitor every application, network, system and information asset that a company has, no incident response team can follow up on every alert and security event, and no manager has the budget for every new security technology that is announced. At Cybervalue we focus on those risks that are critical for your organisation by applying the following methodology.
“Knowing what you have before you can protect it” is the foundation of our successful approach, combined with a risk-based prioritisation of your information assets. Based upon this, controls need to be implemented or existing ones optimised that consider the asset’s importance and risks, resulting in the right protection level.
Tom as a teacher
Besides the theoretical frameworks, it’s important that students get guidance on how to use these frameworks in a practical manner so that they are effectively improving cybersecurity in their organizations.
Stay informed via our newsletter
Stay connected with our latest news, offers and available training.