Congratulations to tw-Security—2024 Best in KLAS® Security & Privacy Services!

We're #1! Thank you to all our partners and customers!

Mark Dill, CISM, CRISC <br>  Cybersecurity Auditor
Mark Dill, CISM, CRISC
Cybersecurity Auditor
Principal Consultant

Mark joined tw-Security in 2015 and was a longtime colleague of Tom’s since 2006. The following are Mark’s bio highlights:

  • Over 30 years of experience in IT and technical management, and 20 years of Information Security experience with a focus on strategic and tactical initiatives
  • tw-Security, Partner, and Principal Consultant
  • Certified Information Security Manager, Certified in Risk and Information Systems Control, ISACA Cybersecurity Audit Certificate
  • Providing cybersecurity advisory and CISO services for multiple covered entities and business associates
  • Key areas of expertise:
    • Enterprise risk analysis and risk management initiatives
    • Cybersecurity assessments with multiyear strategic planning
    • Security program maturity evaluations
      • HICP [Cybersecurity Act of 2015 (CSA), Section 405(d)],
      • NIST Cyber Security Framework (CSF)
    • Aligns security programs cross-referenced to multiple standards and frameworks
    • Prepares organizations to achieve SOC 2 with formal attestation, or attain ISO 27001 certificate of compliance
    • Performs incident response preparation and breach management
    • CISO mentoring
    • Healthcare resilience program assessments
  • Recognized in December 2016 and in December 2015 by Health Data Management magazine as one of the ‘50 Top Healthcare IT Experts’ and by as one of the most influential people in healthcare information security in 2014
  • Former – Chief Information Security Officer for The Cleveland Clinic; responsible for the deployment of information security and disaster recovery best practices, and compliance with HIPAA, PCI, and Internal Control Effectiveness / SOX regulations and standards
  • Known for developing a ‘Book of Evidence’ – guiding organizations on how to prepare for and pass an OCR audit