Partners, principals and associates

Milwaukee (Headquarters)

10000 W Innovation Dr.
Milwaukee, WI 53226

Tel:

414.431.9300

Email: tom.wojcinski@wipfli.com

Tom Wojcinski, CISA, CRISC

Principal

Tom Wojcinski is a principal in Wipfli’s cybersecurity and technology management practice. He specializes in helping organizations reduce and manage the risks that modern technology and information systems introduce to their organization. In today’s business environment, customers, trading partners, regulators, and employees expect continuously available and secure information systems. To help meet this expectation, Tom works with clients to increase the security, availability, and recoverability of their information assets.

Tom leads a variety of engagements designed to help improve organizations’ cybersecurity posture, including cybersecurity risk assessment, control program development and implementation, incident response planning and simulation, vulnerability and penetration testing, security audit, control verification, and managed detection and response. He is a frequent author and speaker on cybersecurity and information technology (IT) risk management topics.

Certifications

Certified Information Systems Auditor
Certified in Risk and Information Systems Controls

Professional Memberships and Activities

American Institute of Certified Public Accountants (AICPA) - Member
Information Systems Audit and Controls Association (ISACA) - Member
Cloud Security Alliance (CSA) - Member
Health Information Trust Alliance (HITRUST) - Member

Services

Business consulting services

Areas of Focus

Cybersecurity
IT risk management
Managed services

Education

Marquette University

Bachelor of science degree in business administration with majors in finance and information technology

Recent Insights

Articles

How cybersecurity boosts business resilience
Mar 15, 2023

Protect your manufacturing operations from digital disruption
Jan 23, 2023

Your nonprofit’s cyber and IT assessment checklist
Apr 04, 2022

New data security laws for insurers: How to comply with NAIC cybersecurity model law
Mar 27, 2022

Cyber regulations reach insurance industry with NAIC insurance data security model law
Mar 09, 2022

Why nonprofits should kick off 2022 with an IT and cyber assessment
Dec 12, 2021

The four biggest CMMC 2.0 changes
Dec 06, 2021

3 cybersecurity tips for financial services
Dec 05, 2021

Top cybersecurity and IT assessment tools for nonprofits
Oct 28, 2021

How CEOs can be proactive in cybersecurity
Sep 13, 2021

$1.8 million penalty issued to financial services firms, signaling increased enforcement of NYDFS cybersecurity regulations
Jul 28, 2021

What you need to know about CMMC — today
Feb 09, 2021

A guide to CMMC: Who it applies to, how it will impact you, what parts of your org it applies to
Feb 08, 2021

How to prepare for CMMC
Feb 05, 2021

SolarWinds’ cyberattack may impact you — here are immediate actions to take
Dec 16, 2020

New interim rule continues DoD push to increase the security and resilience of the Defense Industrial Base sector
Oct 22, 2020

Multifactor authentication: Why you need it now
Jun 02, 2020

Investing in cybersecurity pays dividends
May 11, 2020

Cybercrime and your money: Banking on human error
May 08, 2020

How to protect your business from ransomware
Apr 17, 2020

Managing risk from vendor dependencies in a crisis
Apr 01, 2020

Fighting the wave of coronavirus phishing scams
Mar 17, 2020

5 steps to strong cybersecurity for remote employees
Mar 15, 2020

Public Wi-Fi hygiene for your employees
Mar 13, 2020

DoD adds critical verification component to defense contractor cybersecurity requirements
Feb 07, 2020

How cybercriminals are targeting construction companies — and how to prevent it
Dec 11, 2019

5 cybersecurity due diligence best practices
Sep 30, 2019

Iranian cyberattacks and BlueKeep: What you need to know
Jul 16, 2019

Blogs

Healthcare is cybercriminals’ most targeted sector — here’s what you can do
Nov 13, 2020

Iranian cyberattacks and BlueKeep: What financial institutions need to know
Jul 31, 2019

BlueKeep and Iranian cyberattacks: What manufacturers need to know
Jul 23, 2019

Webinars

Build resilience through an effective cybersecurity plan
Mar 10, 2023

What is a red team exercise, and how is it different from a purple team exercise?
Oct 21, 2022

What is MDR, and do you need it?
Oct 13, 2022

What should you look for when selecting a penetration test?
Oct 06, 2022

Healthcare Connections: Build a more cyber resilient healthcare organization
Sep 27, 2022

Cyber insurance readiness with JKJ
Apr 18, 2022

NAIC cybersecurity model rule implementation
Jan 12, 2022

Diving into CMMC 2.0
Nov 19, 2021

SEC fines for cybersecurity breaches: How to increase your security and avoid penalties
Oct 21, 2021

Business continuity planning post-pandemic. Keeping your program current and flexible
Jun 22, 2021

Best practices for manufacturers to boost hybrid workforce productivity and keep your Microsoft environment secure
May 05, 2021

Managing cyber risks for businesses
Mar 11, 2021

Diving into CMMC requirements — including recent updates
Nov 18, 2020

Managing cyber risk: Protecting yourself beyond HIPAA
Nov 17, 2020

Asset management webinar: OCIE risk alert updates
Sep 30, 2020

What you need to know to comply with DoD cybersecurity certification requirements
Mar 11, 2020

Cloud Security and Data Privacy for Tech Companies
Oct 22, 2019

In The News

External News

Banks can face costly fallout of breaches
Wisconsin Bankers Association | Dec 07, 2020

© 2022 Wipfli LLP. "Wipfli" refers to Wipfli LLP, a Wisconsin limited liability partnership, and its subsidiaries. Assurance, tax and consulting services are offered through Wipfli LLP. Investment banking and related services are offered through Wipfli Corporate Finance LLC. Wipfli LLP is a member of Allinial Global, an association of legally independent firms. ”Wipfli CPA” is the DBA name of Wipfli LLP in New York state, and refers to Wipfli LLP.