Tom Croll is a Certified Cloud Security Professional (CCSP) and researches various aspects of public cloud security. Mr. Croll tracks the security and compliance capabilities of cloud service providers, researches how to design and deploy secure workloads in public clouds and monitors the threat and vulnerability landscape present in public cloud services. Related areas of research include cloud access security brokers (CASB), Cloud Security Posture Management (CSPM), and the integration of security into DevOps (DevSecOps). As a former agile coach, he also specializes in recommending workflow methodologies appropriate to each customer's unique individual skill-sets, requirements and external constraints in order to maximize value.
Mr. Croll was the lead cloud security architect for EU Withdrawal projects at the Financial Conduct Authority of the U.K. He advised multiple product groups on security strategy in line with organizational risk appetite. He conducted research and analysis of new architectural patterns for secure cloud deployments. He led numerous digital transformation projects for moving enterprise workloads into the cloud. He advised DevOps teams on appropriate methodologies for successful delivery such as Scrum, Kanban and Cynefin. He used big data and complexity theory to help numerous companies improve their security posture through automation and innovation.
Financial Conduct Authority
Senior Cloud Security Architect
Lead Cloud Security Architect
Senior DevSecOps Engineer
Security and Risk Management Leaders
Security of Applications and Data
Agile and DevOps (retired)
M.Sc., Computational Neuroscience, Royal Holloway University
B.Eng., Electronic Engineering with Music (hons), University of Glasgow
1How can we deploy IaaS securely?
2How can we manage SaaS securely?
3How do we combine security with Agile methodologies?
4How do I collaborate securely using SaaS applications?