EXPERIENCE
Thomas Millar joined the TrustedSec Incident Response team with 20 years of system security and digital forensics experience. His areas of focus have been Network Intrusion and Incident Response. Prior to joining the TrustedSec Incident Response team, he began his work in IT field support for PC and Apple Mac platforms and was employed to support the IT needs for a small private university in Northern California. More recently, Thomas also worked as an Incident Response consultant for RSA NetWitness and IBM Emergency Response Services.
EDUCATION & CERTIFICATIONS
Thomas attended Forensics Response training provided by Carnegie Mellon University (CMU) and the U.S. Defense Cyber Investigations Training Academy (DCITA). He has had additional education in cyber operations from the U.S. Army for both offensive and defensive efforts at the Cyber Center of Excellence (CCOE) in Fort Gordon, GA. He is also a graduate of the Cyberspace Operations Planners Course (COPC), where senior military leaders devise and formulate real-world mission planning, from initial tasking and concept to execution.
PROFESSIONAL AFFILIATIONS
- Military Cyber Professionals Association (MCPA)
- South Bay Amateur Radio Society (SOBARS)
- American Radio Relay League (ARRL)
INDUSTRY CONTRIBUTIONS
Thomas’ work has been published in two (2) IBM X-Force Threat Intelligence Quarterly journal articles. He was also a contributing author to the Cisco Router and Switch Forensics book by Syngress Publishing. Since joining TrustedSec, Thomas has posted several blog articles on Incident Response and computer forensic subjects and was a co-host for a webinar on business email compromises.
PASSION FOR SECURITY
Thomas has been driven by curiosity from an early age about anything that was locked or obscured. This developed into a keen interest in finding all that can be revealed in computer intrusion examinations and security breaches. Thomas especially enjoys situations that involve Linux host analysis but always leaves room to learn about other systems and platforms.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Guarding Your Inbox: Navigating Business Email Compromises
Join our experts as they dive into the world of Business Email Compromises (BECs) to equip you with the knowledge to fortify your organization's inboxes.
Incident Response: Bring Out the Body File
Find all files on a Linux host with detailed attributes using the find and stat commands.
Getting Analysis Practice from Windows Event Log Sample Attacks
Here's a meta description summarizing the key benefits, purpose, and value proposition of the webpage, limited to 150-160 characters.
Windows event log…
ESXiArgs: What you need to know and how to protect your data
Vulnerable ESXi servers are at risk from the ESXiArgs ransomware campaign; patch or upgrade immediately to prevent data loss.
The Benefits of Enabling Timestamps in Your Command-Line History
Setting up and utilizing the command history facility in Linux for forensic purposes can provide valuable insights into command-line activities, helping…
Tips for Incident Response Planning: Prepare Before Crisis Strikes
During our next webinar, our Incident Response experts will cover what organizations should do to prepare so they can respond quickly and be on the way to…
Inside the Modern Red Team: How Attackers Think, and What Defenders Miss
Discover how modern Red Teams think like attackers, what defenders often miss, and how to strengthen your cybersecurity posture.
Limiting Domain Controller Attack Surface: Why Less Services, Less Software, Less Agents = Less Exposure
Before we dive in, let’s get all the TrustedSec Certified Absolutes out of the way:All software presents some level of inherent risk.Only required software…
News 5 Cleveland - Elyria Police responded to a reported restaurant robbery. But it was actually an AI prank.
AI quality is evolving rapidly, making it easier than ever to create convincing fakes from a phone. Advisory Solutions Director Alex Hamerstone spoke with News…
Top 10 Blogs of 2025
Everyone has a year-end list, and this is ours. See what our top-performing cybersecurity blogs were in 2025, there could be some you might have missed!
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
