Photo of Troy Hawes
Troy Hawes
Managing Director
CCSFP, CDPSE, CHQP, CISSP, CISM, CISA, PCI QSA

Biography

Troy has provided IT consulting services since 2001. He leads the firm’s HIPAA & HITRUST Compliance Services. Troy serves clients in a variety of industries including health care, technology, local and Tribal governments, and higher education.

Troy has extensive experience managing and leading technology security and compliance assessments using a number of different security frameworks including HITRUST CSF, HIPAA Privacy and Security Rules, NIST Cybersecurity Framework, NIST Special Publication 800-53, ISO 27002, Cloud Controls Matrix, Payment Card Industry Data Security Standards, and others. He leverages his cybersecurity experience to identify areas of potential risk and provide recommendations for remediation.

Troy is a frequent speaker and highly published thought leader on IT compliance and cybersecurity topics.

External Publications

  • Safeguard Sensitive Patient Data with HITRUST CSF Controls (Puget Sound Business Journal, May 2018)

Selected Speaking Engagements

  • Why IT Compliance Isn’t Enough to Keep Your Organization Safe
    (Moss Adams Webcast, October 2020)
  • Cybersecurity for CFOs
    (Moss Adams Webcast, October 2020)
  • Current State of Cybersecurity
    (Annual Business Owners & Accounting Professionals, Bellingham, November 2018)
  • Are You Ready to Deal with a Cyberattack?
    (Oregon Government Finance Officers Association (OGFOA) 2018 Fall Conference, October 2018)
  • Are You Ready for GDPR?
    (International Association of Independent Accounting North America Conference, August 2018)
  • All You Need to Know about Cybersecurity
    (International Association of Independent Accounting North America Conference, August 2018)
  • Integrating Cyber Security and Business Continuity to Ensure Continued Operations
    (NTCA 2018 Finance & Accounting Conference, August 2018)
  • GDPR Disruption: Are You Prepared for the Impact and Changes?
    (Dallas Chapter Technology CFO Series, April 2018)
  • Emerging Cyber Threats to Casinos
    (National Indian Gaming Conference, April 2018)
  • Internal Controls: Top Reasons Your Tribe Got Hacked
    (Native American Finance Officers Association Conference, April 2018)
  • Cybersecurity Best Practices Using the NIST Framework
    (Western Telecommunications Alliance Spring Conference, March 2018)

Professional Affiliations

  • Member, Information Systems Audit and Control Association
  • Member, International Information Systems Security Certification Consortium
  • Member, Cloud Security Alliance
  • Member, Health Information Trust Alliance
  • Member, Payment Card Industry Security Standards Council

Insights from Troy Hawes