Dr. Thomas Graham MBA, MS, PhD

Dr. Thomas Graham, Ph.D., is VP and Chief Information Security Officer (CISO) at Redspin, the first authorized C3PAO and a leader in CMMC assessments under the JSVAP program. A CMMC Certified Assessor (CCA), Certified Professional (CCP), and Certified Instructor, Dr. Graham played a pivotal role in Redspin becoming the first C3PAO and has helped numerous organizations achieve CMMC certification. He oversees internal security for Redspin and previously supported the Defense Health Agency (DHA), where his team received a FedHealthIT Award. Holding a Ph.D. in Information Assurance and Security, an MBA, and a Master’s in Technology Systems, he also chairs the MIS Advisory Board at ECU. Dr. Graham regularly speaks at CIC, CMMC Day, ISC2 Security Congress, and other top cybersecurity events.