Thomas Graham

Dr. Thomas Graham, PhD serves as the CISO for Redspin, a top Healthcare Security company based in Austin, TX. Prior to this, he supported the Defense Health Agency in a variety of roles where his team received a FedHealthIT award for innovation presented at the National Press Club in Washington, DC, Official Naval Commendations, and the Captain Joan Dooling Award. Dr. Graham currently holds MBA and MS-Technology Systems degrees, along with his PhD in Information Assurance.

Throughout his career, Dr. Graham has worked in a variety of capcities to include being an Information Security Officer for DISA where he oversaw numerous assessments across a variety of projects and programs. Additionally, he has extensive NIST experience working with multiple DoD agencies on Risk Management Framework (RMF) and prior DIACAP packages. 

As the lead for the DHA MARS Team, Dr. Graham's 15 person team provided assessment interpretation and remediation implementation across multiple commands worldwide. This activity also included providing updates to DISA on STIG guidance, DHA policy creation, and systematic best practice implementation.

Dr. Graham has also received CISSP and HCISPP designations, along with other industry recognized certifications throughout his career and currently serves on the MIS advisory board for East Carolina University. He has spoken at numerous industry conferences to include ISC2 Security Congress 2019, the National Cyber Summit, and the 2019 Qualys Security Conference.