Tom Gancarski is a consultant at a cybersecurity-focused CPA firm, where he specializes in data privacy, risk management, and security compliance engagements relating to SOC 2, GDPR, HITRUST, Privacy Shield, and similar regulations/frameworks. Prior roles include regulatory compliance and risk management positions at Deutsche Bank, HSBC, and BNY Mellon. He also worked as an auditor at a regional consulting firm.
Tom has spoken at cybersecurity events and seminars for CPA and CISO audiences on multiple topics including security frameworks, privacy, governance, and vendor risk management. He holds CPA licenses in Indiana and Alaska and is licensed to practice law in Massachusetts. Tom is also a Certified Information Privacy Professional/ Europe (CIPP/E), and a Certified Information Systems Auditor (CISA). Back to Top