make a good business better
Thomas Lewis, CISSP, CISA, QSA, Chief Executive Officer, Information Security

Thomas Lewis, CISSP, CISA, QSA Chief Executive Officer, Information Security

Print Divider Print Divider Branding


Phone: 615-309-2296




Thomas Lewis is Shareholder-in-charge of LBMC Information Security, LLC.

He draws on more than twenty years of experience as a business leader and information security professional to help clients manage their security program within the context of the business’ overall risk environment.

Thomas has assembled a team of seasoned and nationally recognized security professionals, all of whom provide a real-world perspective to government agencies and contractors, healthcare providers and payers, and other organizations with complex security requirements.

Thomas helps his clients turn their security efforts into a competitive advantage by:

  • Designing, developing and implementing comprehensive security programs that meet the needs of the executive boardroom as well as the security and compliance offices
  • Performing assessments that eliminate gaps in compliance with PCI and FISMA standards and other security frameworks
  • Enabling CMS contractors to reduce audit findings and qualify for performance awards and contracts through practical roadmaps to remediation


  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Payment Card Industry Qualified Security Assessor (PCI QSA)


Before joining LBMC, Thomas co-founded a managed security services company, which became LBMC Managed Security Services in 2008, and before that he established and ran a security consulting company. Combined with about ten years as an information security professional with national accounting and consulting firms, this entrepreneurial experience has given Thomas the insight to understand information security issues from a business leader’s perspective.

“Thomas not only demonstrated an impeccable grasp of the information security, IT controls, governance, and risk management domain but more importantly understood it in the context of our business and industry.” –CSO client

Community Involvement

Thomas frequently speaks on the need for information security executives to take a more holistic perspective of business risk. The founding president of the Middle Tennessee chapter of the Information Systems Security Association (ISSA) chapter, he has spoken at ISSA conferences, as well as meetings of the Information Systems Audit and Control Association (ISACA) and other local and national organizations.

Thomas is active in and continues to support many community organizations, particularly being a coach for his daughters’ soccer teams.

Outside the Office

A native of Nashville, Tennessee, Thomas resides in Hendersonville with his wife and four daughters.  Being the only male in his home, Thomas has a very diverse knowledge of fashion, hairstyles and the latest “boy band” gossip.

Thomas is normally seen with a large cup of coffee and while not in the office he is normally working on some type of building project around his house.  Thomas enjoys scuba diving, very loud music and any type of new power tool.