Veteran cybersecurity strategist and former U.S. government advisor to drive industry engagement and accelerate adoption of HITRUST’s comprehensive portfolio, strengthening third-party and vendor risk management across sectors
Frisco, TX, August 14, 2025
HITRUST, the leader in information security assurance for risk management and compliance, today announced that Tom Kellermann has joined the company as Vice President of Cyber Risk. A recognized leader in cybersecurity strategy, risk management, and policy, Kellermann will drive HITRUST’s industry engagement, thought leadership, and expansion into new markets, with a focus on elevating third-party and supply chain security programs. Kellermann brings over two decades of cybersecurity leadership experience from both the public and private sectors.
Kellermann will help accelerate the adoption of HITRUST’s comprehensive portfolio of threat-adaptive information security and AI assessments, along with operational enablement tools that make effective and efficient TPRM practical. These include electronic results distribution and exchange, concierge onboarding services, and the company’s new integration with ServiceNow’s TPRM platform — delivering the most reliable and measurable information risk management assurances available.
Third-party involvement is present in 30% of breaches today, according to Verizon’s 2025 Data Breach Investigations Report (DBIR). A major focus of Kellermann’s work will be in Third-Party Risk Management (TPRM) helping guide organizations on strengthening supply chain security and business resilience leveraging HITRUST’s comprehensive portfolio — integrating threat-adaptive security assessments with operational enablement tools that make strong and efficient TPRM practical, driving cost reductions, risk mitigation, and program simplification. In his new role, Kellermann will advise organizations, industry, and governments on best practices in cyber risk management, security, and compliance to enhance resilience and trust in digital ecosystems.
"We are thrilled to welcome Tom to the HITRUST team," said Blake Sutherland, Executive Vice President, Market Engagement of HITRUST. "His unique combination of government advisory experience and private sector cybersecurity leadership makes him an invaluable addition as we continue to help organizations achieve unmatched cyber resilience. Tom's expertise will be instrumental in advancing our mission to deliver quantifiable proof of risk reduction."
Prior to joining HITRUST, Kellermann served as Chief Cybersecurity Officer for Carbon Black Inc. and Head of Cybersecurity Strategy for VMware. He previously held executive positions at Contrast Security, Trend Micro, and Core Security, and served as Deputy CISO for the World Bank Treasury. His government service includes appointments to the Cyber Investigations Advisory Board for the United States Secret Service in 2020 and the Commission on Cyber Security for the 44th President of the United States in 2008.
"I'm excited to join HITRUST at a time when organizations need more than ever to demonstrate measurable cybersecurity outcomes," said Kellermann. HITRUST’s vision, practical approach, and record of preventing breaches match my commitment to developing effective security solutions. I look forward to helping advance the industry's understanding of effective cyber risk management."
Kellermann has also contributed to cybersecurity education and thought leadership throughout his career. From 2007-2015, he taught cybercrime courses as an adjunct professor at American University's School of International Service and Kogod School of Business. In 2017, he was appointed the Wilson Center's Global Fellow for Cyber Policy. He co-authored the book "Electronic Safety and Soundness: Securing Finance in a New Age" in 2003 and holds the Certified Information Security Manager (CISM) certification.
This appointment reinforces HITRUST's commitment to maintaining its position as the gold standard in cybersecurity assurance. As demonstrated in HITRUST's 2025 Trust Report, organizations with HITRUST certifications experience dramatically fewer breaches, reporting an incident rate of just 0.59% in 2024.