Tom Schmidt

EY EMEIA Financial Services Cybersecurity Competency Leader; EY Switzerland Financial Services Cybersecurity Leader; Partner, Financial Services Cybersecurity Competency, Ernst & Young AG

Focusing on all aspects of information security, cybersecurity, and IT risk management. Passionate about traveling the world and engaging in various sports.

Tom has more than 35 years’ experience in information technology and more than 25 years of practical Information Security, Cybersecurity, Cyber Risk Management and IT risk and regulatory compliance experience.

Tom is seasoned in leading and providing cybersecurity assessments, cybersecurity consulting projects, IT security audits, IT and Cyber Risk Management projects, Third Party Risk Management (TPRM) and general IT audit and consulting services for national and international clients in the Financial Services and Industry sectors. He has also led several Cloud Risk / Cloud Security and SWIFT Customer Security Program (CSP) projects covering organizational, technical and regulatory aspects and consulted many clients in the area of Information Security processes, security strategy and Cybersecurity transformation initiatives.

Tom is a Certified Business Economist FH/HWV, holds a diploma in Master of Advanced Studies (MAS) Information Security, is certified as ISO 27001 and ISO 22301 Lead Implementer and has the following international certifications: CISSP, CCSP, CISA and CRISC.

How Tom is building a better working world

“Cyber risks are constantly increasing in a digitalized world and they are one of the top business risks for any company nowadays. Supporting our clients in being better prepared for cyber-attacks and cyber incidents, either in consulting them on these topics or with the performance of organizational and technical cybersecurity assessments contributes significantly to build a better working and more resilient world and to keep our clients in business even when they are under attack.

Furthermore, it is crucial to have enough well educated and trained employees in the areas of information security and cybersecurity. Being a member of the technical board and a lecturer at the Master of Advanced Studies Cyber Security at the University of Applied Science Lucerne is directly contributing to these educational aspects.”