Tom Scott
CyberSherpas Founder and CEO
Columbia, South Carolina, United States
Actions
Tom Scott Short Bio
LinkedIn: https://www.linkedin.com/in/thomas-scott-7172386/
Thomas Scott (Tom) is the CEO and Founder of CyberSherpas, a virtual Chief Information Security Officer (vCISO) cybersecurity consulting firm. He currently serves as the Executive Director of the South Carolina Cybersecurity Association and Foundation. As the inaugural Director of the SC Cyber Consortium, he has been a key leader in the cyber education, cyber workforce development, and cyber protection efforts in both South Carolina and across the Nation.
With over 30 years of cybersecurity experience in both Florida and South Carolina, Tom has developed a wealth of knowledge and experience in protecting critical infrastructure and cyber assets. He currently holds certifications in information security, information auditing, security leadership, critical infrastructure protection, and project management – he is also recognized a FEMA Continuity of Operations Planning (COOP) Practitioner.
Tom is a member of the FBI’s InfraGard program and serves as an advisory board member for the Dutch Fork High School Cyber program. He has actively participated as a member of the MS-ISAC’s Executive Committee as well as the USC School of Law Cybersecurity Task Force. Tom currently serves the academic community through board service to the Industry Advisory Board for the USC Integrated IT program, and at Florence-Darlington Tech and Aiken Tech.
Area of Expertise
Topics
The 5 Stages of Cyber Grief
In today's digital age, the impact of cybersecurity breaches on organizations can mirror the profound effects of personal loss, leading to what can be described as 'cyber grief.' Drawing from the compelling analogies presented by Mathieu Gorge in Cyber Elephant in the Boardroom, this presentation explores the psychological journey organizations undergo following a cybersecurity incident. This journey mirrors the well-known framework of the five stages of grief: denial, anger, bargaining, depression, and acceptance.
From Compliance to Competitive Advantage: Cybersecurity as a Business Driver in the Age of AI
This presentation explores how leading organizations are reframing cybersecurity—from a cost center to a strategic differentiator. With AI accelerating innovation and risk, executives are embedding security and trust into product development, customer experience, and corporate reputation. The discussion will examine real-world examples of how cybersecurity, AI adoption, and data governance are reshaping board-level conversations and enabling growth.
Cowpens & Cyber: Strategic Leadership That Creates Undeniable Impact
In January 1781, on a quiet pasture in South Carolina, General Daniel Morgan executed one of the most brilliant tactical victories of the Revolutionary War at the Battle of Cowpens. Outnumbered and facing an aggressive British force, Morgan didn’t rely on strength — he relied on strategy.
In this dynamic keynote, Tom Scott connects the leadership lessons of Cowpens to today’s cybersecurity battlefield. Through the principles of choosing the terrain, layered defense, controlled retreat, understanding adversary psychology, and timing decisive action, attendees will discover how strategic thinking—not reactive technology—determines outcomes.
Blending South Carolina history with modern cyber leadership, this session challenges executives and practitioners alike to stop reacting to threats and start shaping the fight. Strategy beats speed. Preparation beats panic. Leadership creates undeniable impact.
Then & Now: Empowering Older Adults to Stay Safe Online
The Then & Now: Empowering Older Adults to Stay Safe Online workshop introduces practical, easy‑to‑understand strategies that help older adults navigate today’s digital world with confidence. Built on the National Cybersecurity Alliance’s Then & Now campaign, the session uses relatable real‑world analogies—like comparing a front‑door deadbolt to multi‑factor authentication—to make modern security practices feel familiar and approachable. Participants learn how to create strong passwords, recognize common scams across email, text, and phone, and keep their devices updated and protected. Because cybercrime often occurs silently and targets older adults at higher rates, the workshop focuses on building awareness without fear, emphasizing clear guidance, simple activities, and actionable next steps. By the end, attendees gain practical skills and greater peace of mind for staying safe online.
From “Security Says No” to Undeniable Impact: Translating Cyber Risk into Product Decisions
Security conflicts usually aren’t about tools or code—they’re about unclear decision rights, fuzzy risk language, and mismatched incentives. In this session, Tom Scott (vCISO and cyber governance leader) shows how to translate cybersecurity risk into product-ready decisions that engineers and leaders can execute without slowing delivery.
You’ll learn a simple, repeatable approach to: define risk in business terms, align controls to what the organization actually values, document decisions without bureaucracy, and prevent “security theater” while still reducing real exposure. Attendees leave with lightweight templates (risk statement, exception memo, and security decision brief) they can use immediately to move from debate to decision—fast.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top