Thomas August

Thomas August Email and Phone Number

Cybersecurity Leader | CISO | Board Advisor | Author | Speaker @ AltaMed Health Services
Thomas August's Location
San Diego, California, United States, United States
Thomas August's Contact Details
About Thomas August

Tom August CISSP is an award-winning CISO and respected industry leader with over 30 years of experience in Information Security, IT Auditing and Risk Management. Tom has made a career of developing, implementing and managing financially-responsible cybersecurity programs that effectively balance risk, regulatory requirements and strategic business goals.Tom is currently serving as Vice President, Information Security / Chief Information Security Officer for AltaMed Health Services. Additionally, Tom has served as interim Chief Information Security Officer for both Stanford Children's Health and El Camino Health, and has served as Vice President, Chief Information Security Officer at John Muir Health. As VP / CISO, Tom has overall responsibility for assessing, measuring, addressing and reporting on technology risk and compliance matters across the health system. Previously, Tom has also served in leadership roles at Sharp Healthcare, Sony Corporation, Pacific Life Insurance Company, Deloitte and Ernst & Young. Tom is co-author of “The CISO Handbook”, an alumnus of the FBI CISO Academy, and a frequent presenter at healthcare and information security industry events. Now in its eighth year, Tom’s “Information Security Buzzword Bingo Scorecard” highlights the need for more meaningful dialogue between information security professionals, vendors and business leaders.Awards & Accomplishments: - Becker's Hospital Review "CISOs to know" (2019, 2020) - Graduate FBI CISO Academy (2019) - CSO50 Innovation Award winner (2017) - Creator/author of the annual Information Security Buzzword Bingo Scorecard (2015 - present) - Leadership Board of Directors, National Health Information Sharing and Analysis Center (NH-ISAC), (2012 - 2014) - A frequently-featured speaker at conferences and occasional guest on podcasts, TV and radio (2012 - present) - Co-author of The CISO Handbook (2005)

Thomas August's Current Company Details
AltaMed Health Services

Altamed Health Services

View
Cybersecurity Leader | CISO | Board Advisor | Author | Speaker
Thomas August Work Experience Details
  • Altamed Health Services
    Vice President, Information Security / Chief Information Security Officer
    Altamed Health Services Feb 2023 - Present
    Los Angeles, Ca, Us
    View
  • Stanford Children'S Health | Lucile Packard Children'S Hospital Stanford
    Chief Information Security Officer (Interim)
    Stanford Children'S Health | Lucile Packard Children'S Hospital Stanford Apr 2021 - Dec 2021
    Palo Alto, Ca, Us
    Provided 3rd-party CISO advisory services to lead, maintain and improve the health system's information security program. Significant activities included recruiting and team building, strategic planning & budgeting, updating existing third-party risk assessment and governance processes, and assisting in the planning & execution of multi-organization ransomware tabletop exercises.
    View
  • El Camino Health
    Chief Information Security Officer (Interim)
    El Camino Health Dec 2020 - Apr 2021
    Mountain View, Ca, Us
    Responsible for leading, maintaining and improving the health system's information security program. Significant activities included Board of Directors and Sr. Executive presentations, strategic planning & budgeting, implementing risk management / governance processes, vendor management and recruiting / team building.
    View
  • John Muir Health
    Vice President, Chief Information Security Officer
    John Muir Health Apr 2015 - Aug 2020
    Walnut Creek, Ca, Us
    Provided leadership for an information security program supporting 6,500 employees across two acute-care hospitals, a behavioral health center, the JMH physician network, several outpatient centers and approximately 30 community practices in the east San Francisco Bay Area. Developed a highly regarded team of 15 information security professionals with both strategic and operational duties and proactively managed annual operational and capital budgets totaling approximately $10 million. • Designed, built and managed JMH’s first information security program. This award-winning program design strongly leverages risk and threat assessment to drive the investment and prioritization of resources and aligns with the NIST Cyber Security Framework as well as applicable Federal, State and industry requirements. • Directed the implementation and management of a wide variety of control processes and tools, including policies and standards, third-party risk assessments and penetration tests, identity and access management, network security, advanced anti-malware and anti-phishing protections, medical device security, encryption, mobile devices, cloud access security, vulnerability management and patching, incident response, and extensive training and awareness activities. • Provided regular reports to the Board of Directors and senior leadership on internal and external risk changes, program status, operational effectiveness and key initiatives.• Built close relationships with board members, senior leadership and all levels of staff throughout the health system through active listening, collaboration, honest dialogue, transparent actions and a strong focus on outcomes.
    View
  • Sharp Healthcare
    Director Of Information Security
    Sharp Healthcare Oct 2011 - Aug 2014
    San Diego, Ca, Us
    Led overall strategic direction and operational effectiveness of Sharp's information security program covering 16,000 employees across 7 hospitals, 2 medical groups, a health plan and a variety of shared services. • Led implementation of an information security Governance, Risk and Compliance (GRC) program based on HIPAA, HITECH/Meaningful Use and Payment Card Industry (PCI) requirements and the ISO 27001/27002 controls framework. Program included robust risk assessments, consistent risk reporting processes, policy development, annual strategic plans and prioritized team activities to address areas of highest risk. • Significantly increased level of engagement, awareness and dialogue among Sharp's senior leadership regarding information security-related issues through self-driven strategic presentations, discussions and written communications.• Implemented a training and awareness program based on real-world examples, practical guidance and memorable stories to help get across key points. • Directed team of five experienced information security professionals responsible for executing both strategic and operational duties.• Proactively managed annual operational and capital budgets totaling over $2M.• Assisted in the implementation of a secondary data center used to provide disaster recovery capabilities for Sharp's most essential patient care systems.
    View
  • Sony Corporation Of America
    It Audit Manager
    Sony Corporation Of America Aug 2006 - Oct 2011
    Tokyo, Jp
    Led SCA’s IT auditing efforts of US-based operations of Sony Electronics and two international entities. • Led high-level risk assessment of the Sony Enterprise Network that included extensive collaboration with both global information security and auditing leadership. Selected to present results and recommendations for strengthening internal network controls to Sony Corporation senior leadership prior to the 2011 PlayStation network breach.• Developed annual IT Audit Department audit plan and budget, enterprise-wide risk assessments, departmental goals, and staffing plans for Sony entities based in the Americas.• Built and managed a department consisting of five IT Auditors, which included professional development planning, recruiting, project scheduling, performance evaluations, and training.• Developed and implemented a comprehensive set of technical IT Audit tools across multiple offices and business units in the Americas to enable more consistent and effective IT audits. • Significant audits included a technical assessment of wireless network security that led to the implementation of stronger wireless encryption globally and a Payment Card Industry (PCI) Compliance program review that led to significant improvements in compliance reporting.
    View
  • Pacific Life
    Manager Of Strategic It Security
    Pacific Life Jun 2001 - Sep 2006
    Newport Beach, Ca, Us
    Partnered with reputed world-class Chief Information Security Officer (CISO) to build, design and maintain an enterprise-wide information security program in accordance with HIPAA, Gramm-Leach-Bliley Act, and California SB1386 requirements. • Assisted in the implementation of an ISO/IEC 27001-based Information Security Management System policies and standards.• Designed and led enterprise-wide information security training and awareness classes for over 200 IT technical support staff and IT management.• Worked closely with the CISO to conduct annual risk assessments, program strategy, key objectives, milestones, and executive management reporting. • Coordinated third-party security audits and penetration tests, and collaborated with divisional security officers to identify and remediate root causes.• Developed and managed the Computer Security Incident Response Team (CSIRT) program.• Provided subject matter expertise for numerous IT infrastructure and application projects.
    View
  • Kore Partners
    Director – Information Security, System Integration, And Professional Services
    Kore Partners Jan 2000 - Apr 2001
    Led KORE’s Information Security, Storage Technologies and Network Operations professional service teams consisting of 15 highly technical IT professionals. Directed strategic goals, product and service offerings, sales and marketing, training, budgets, staffing, and performance appraisals.
  • Deloitte
    Manager - Enterprise Risk Services
    Deloitte Jun 1998 - Jan 2000
    Worldwide, Oo
    Managed IT audit and information security consulting projects for a variety of healthcare, retail, defense, high-tech, and financial services clients across the United States, including technical penetration tests as well as SAS70 and disaster recovery plan reviews. Co-leader of the Strategic Security Services business line for the Western US, and provided technical security auditing, vulnerability assessment and penetration testing services. Trained IT Audit team members on the use of technical security auditing tools, such as ISS Internet Scanner, Bindview, NMAP, NAI Cybercop, and other third party security tools.
    View
  • Ernst & Young
    Manager - Information Systems Audit And Assurance Services
    Ernst & Young Jan 1995 - Jun 1998
    London, Gb
    Managed IT audit and information security consulting projects for a variety of retail, manufacturing, high-tech, defense and financial services clients across the United States, including technical penetration tests as well as SAS70 and disaster recovery plan reviews.
    View

Thomas August Skills

Information Security Information Security Management It Audit Cissp Security Information Technology Disaster Recovery Computer Security Pci Dss Risk Assessment Network Security Vulnerability Management Iso 27001 Hipaa Vulnerability Assessment Security Audits Risk Management Business Continuity Integration Sarbanes Oxley Act Governance Penetration Testing Enterprise Risk Management Identity Management Itil Sas70 Strategic Planning Application Security U.s. Health Insurance Portability And Accountability Act Cobit Security Architecture Design Security Awareness It Governance Intrusion Detection

Thomas August Education Details

  • California State University, Fullerton
    California State University, Fullerton
    Accounting

Frequently Asked Questions about Thomas August

What company does Thomas August work for?

Thomas August works for Altamed Health Services

What is Thomas August's role at the current company?

Thomas August's current role is Cybersecurity Leader | CISO | Board Advisor | Author | Speaker.

What is Thomas August's email address?

Thomas August's email address is th****@****lth.com

What is Thomas August's direct phone number?

Thomas August's direct phone number is +192597*****

What schools did Thomas August attend?

Thomas August attended California State University, Fullerton.

What skills is Thomas August known for?

Thomas August has skills like Information Security, Information Security Management, It Audit, Cissp, Security, Information Technology, Disaster Recovery, Computer Security, Pci Dss, Risk Assessment, Network Security, Vulnerability Management.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.