Eric Gaffin , CISSP, HCISPP, CMMC-RP, CCSP

Eric Gaffin, CISSP, HCISPP, CMMC-RP, CCSP, has extensive experience in the heavily regulated industries of healthcare and financial services. Eric began their career in 1991 as the Controller for Vision Limited Partnership, where they managed a 10-person general accounting and back-office operations department. In 1999, they took on the role of Chief Information and Information Security Officer at Vision Financial Markets LLC, where they were responsible for multi-firm GRC activities, including BCDR planning, vulnerability management, and IT controls internal audit support of CFTC, NFA, CBOE, FINRA and SEC compliance. In 2016, they became the Director of Information Security and Compliance Services at Advanced Technology Group (ATG-NYC), where they were responsible for the strategic and tactical management of the firm's compliance-focused professional services teams. In 2020, they became an Advisor to the Office of the CISO at Pagaya, where they were responsible for the global organization's SOC2 Type 1 and subsequent Type 2 audit programs, ISO 27001 program support, and cybersecurity pre-assessment and gap remediation planning for the initial US filing as a registered investment advisor. Eric also became a Member of InfraGard and a vCIO and Senior Information Security Consultant (Remote) at Advanced Technology Group (ATG-NYC). In 2022, they took on the role of Senior Virtual CISO/CIO at smplsolutions, where they were responsible for the redesign and strategic development of all cybersecurity and IT services. Finally, in 2020, they became the Managing Director - vCISO, vCIO at Broadwalk IT Solutions LLC, where they provided information security and technology consulting to clients.

Eric Gaffin holds a Bachelor of Science in Accounting from Binghamton University School of Management. Eric has also obtained a Certified Information Systems Security Professional (CISSP) from (ISC)² in January 2022, a Healthcare Information Security and Privacy Practitioner (HCISPP) from (ISC)² in November 2017, a Certified Cloud Security Professional (CCSP) from (ISC)² in December 2017, a Cloud+ certified from CompTIA in July 2015, and a CMMC Registered Practitioner (RP) - Cyber-AB from Badgr (now part of Instructure) in September 2022.