- Gartner client? Log in for personalized search results.
Gartner Expert
Tom Croll
Sr Director Analyst
Tom Croll is a Certified Cloud Security Professional (CCSP) and researches various aspects of public cloud security. Mr. Croll tracks the security and compliance capabilities of cloud service providers, researches how to design and deploy secure workloads in public clouds and monitors the threat and vulnerability landscape present in public cloud services. Related areas of research include cloud access security brokers (CASB), Cloud Security Posture Management (CSPM), and the integration of security into DevOps (DevSecOps). As a former agile coach, he also specializes in recommending workflow methodologies appropriate to each customer's unique individual skill-sets, requirements and external constraints in order to maximize value.
Previous experience
Mr. Croll was the lead cloud security architect for EU Withdrawal projects at the Financial Conduct Authority of the U.K. He advised multiple product groups on security strategy in line with organizational risk appetite. He conducted research and analysis of new architectural patterns for secure cloud deployments. He led numerous digital transformation projects for moving enterprise workloads into the cloud. He advised DevOps teams on appropriate methodologies for successful delivery such as Scrum, Kanban and Cynefin. He used big data and complexity theory to help numerous companies improve their security posture through automation and innovation.
Professional background
Financial Conduct Authority
Senior Cloud Security Architect
Pearson
Lead Cloud Security Architect
Visa Europe
Senior DevSecOps Engineer
Areas of coverage
Security and Risk Management Leaders
Security of Applications and Data
Security Operations
Agile and DevOps (retired)
Infrastructure Security
Education
M.Sc., Computational Neuroscience, Royal Holloway University
B.Eng., Electronic Engineering with Music (hons), University of Glasgow
Top Issues That I Help Clients Address
1How can we deploy IaaS securely?
2How can we manage SaaS securely?
3How do we combine security with Agile methodologies?
4How do I collaborate securely using SaaS applications?