LIPN, LIEN, ILTA, Infragard, (ICS)2, NY Chapter of (ICS)2, and CMMC-AB.
I started my career as a programmer, network engineer and dba. The year was 1992 I was asked to convert a non-compliant Y2K cobalt application into a VB front-end application with a SQL database on the back end that would also be integrated with their newly created web site. This was in preparation for the COBOL Y2K dilemma. The application was used to track vendor purchases in the three major airports of New York (JFL, Newark, and LaGuardia) for the Port Authority of New York and New Jersey.
Starting in 1994, I started a long successful career at a major Manhattan law firm as a LAN administrator and was quickly promoted to Manager of IT for the Connecticut Office. In 1999 Mr. Nohs was promoted to Manager of Systems & Operations for the firm and then in 2005 promoted to Director of Information Technology reporting directly to the CEO. As Director of IT he was challenged with many projects that included firm-wide infrastructure upgrade, telephony upgrades, data center upgrades and data center move. All with their own challenges but all very successful.
In 2009 I was confronted with the one of the most challenging issue of the time, cybersecurity. The FBI brought all the major New York law-firms together in one location to let them know that almost all the firms have been hacked. From that day forward every project and every process that was implemented was implemented with security involved. I was directly involved in writing the security policies, implementing a security department, change management, configuration management, incident response, annual security assessments and going from nothing to a full-scale cybersecurity approach in our everyday processes.
In 2016 I started a consulting company focused solely on Cybersecurity. I am working with several Managed Service Providers (MSP) both on Long Island and Manhattan in varying degrees of both compliance and certification. With newly released regulations; New York SHIELD Act, Part 121 (Education), and NY DFS Part 500 there have been an increase in Third-Party security audits. In two cases the clients are demanding ISO 27001 Certifications.
Over the past few years DataSoftNow has worked with several DoD contractors with their NIST SP 800-171 r1 assessments. In November 2020 DoD contractors were required to file their NIST SP 800-171 r1 along with a POAM or risk not being awarded contracts. Starting in 2021 DoD contractors will now be required to become certified to be awarded contracts. In response to this Tom registered as a candidate for a Level 3 CMMC-AB assessor. Tom also registered and passed the exam to become a Registered Practitioner which allow him to work with DoD contractors prepare for the CMMC-AB certifications. As a Registered Practitioner and performing Readiness Reviews are an essential step in preparing for the certification. Registered Practitioners are trained by the CMMC-AB specifically to help contractors with their preparedness.