Thomas Nohs, CISSP, RP, CCP

Certified Information Systems Security Professional (CISSP) 2018
Certified CMMC Professional (CCP) 2023

Trained and Certified Information Cybersecurity Professional.
Information Technology Specialist for over 35 years in the small business and mid-tier market. The last 15 years have been dedicated to implementing and practicing good cyber hygiene with many small and mis-size companies. I have worked with the FBI and high-profile cybersecurity forensic companies on cyber events like Ransomware, highjacked account, malware, compromised email accounts, advanced persistent threats, etc…. Unique experience in dealing with Ransomware and Cyber Insurance.

Our goal is to prepare companies for cyber events as well preventing it from happening. It is called the “Left of Boom”. Boom is the cyber event; Left is the preparation or prevention of a cyber event. “Boom” is the cyber event.
DataSoftNow is a consulting company focused solely on Cybersecurity. We work with several Managed Service Providers (MSP) both on Long Island and Manhattan in varying degrees of both compliance and certification for their company as well as their clients. With newly released regulations; HIPAA, Privacy – NIST SP 80053A Rev4 Appendix J, New York SHIELD Act, ISO 27001 preparation, Part 121 (Education, NIST Cybersecurity Framework 1.1), DoD NIST SP 800- 171 Compliance; now certification, and NY DFS Part 500 there have been an increase in Third-Party security audits.

Over the past few years DataSoftNow has worked with many DoD contractors with their NIST SP 800-171 assessments. In November 2020 DoD contractors were required to file their NIST SP 800-171 along with a POAM or risk not being awarded contracts. Starting in late 2023 DoD contractors will now be requiring CMMC 2.0 certifications to be awarded contracts. In response to this we registered as a candidate for a Level 2 CMMC-AB certification. We also registered and passed the exam to become a Registered Practitioner which allow us to work with DoD contractors prepare for the CMMC-AB certifications. Registered Practitioners are trained by the CMMC-AB specifically to help contractors with their preparedness. Recently passing the DoD CMMC CCP training and exam, I have been awarded the distinct certification as a Certified CMMC Professional (CCP).

2017 – Certified Information System Security Professional (CISSP) from the (ICS)2, the world largest and most prestigious cybersecurity organization in the world.
2021 – Registered Practitioner (RP), Department of Defense run organization, CMMC-AB (Cyber-AB).
2022 – DataSoftnow is a candidate Certified Third-Party Assessor Organization (C3PAO) with the Department of Defense (Cyber AB). The organization is pursuing the CMMC L2 Certification. DataSoftNow at this point is the only Long Island company pursuing this Certification.
2023 – Certified CMMC Professional (CCP), Department of Defense run organization, CMMC-AB (Cyber-AB). 2023 – Applied for the CMMC Certified Assessor (CCA)

Cyber Incidents:
I have worked on many cyber incidents starting in 2009. These incidents were mainly ransomware, credential compromise with fraudulent use of email resulting in the redirection of funds, several FBI walk-in warnings regarding current dark-web access and selling of credentials or selling of sensitive data, and Advanced Persistent threats.