search menu icon-carat-right cmu-wordmark

Tom Longstaff

Chief Technology Officer

Tom Longstaff is Chief Technology Officer of the SEI. As CTO, Longstaff is responsible for formulating a technical strategy and leading the funded research program of the institute based on current and predicted future trends in technology, government, and industry.

Before joining the SEI as CTO in 2018, Longstaff was a program manager and principal cybersecurity strategist for the Asymmetric Operations Sector of the Johns Hopkins University Applied Physics Laboratory (APL), where he led projects on behalf of the U.S. government, including nuclear command and control, automated incident response, technology transition of cyber R&D, information assurance, intelligence, and global information networks.

He also was chair of the Computer Science, Cybersecurity, and Information Systems Engineering Programs and co-chair of Data Science in the Whiting School at Johns Hopkins. His academic publications span topics such as malware analysis, information survivability, insider threat, intruder modeling, and intrusion detection. He maintains an active role in the information assurance community and regularly advises organizations on the future of network threat and information assurance. He is an editor for Computers and Security, and has previously served as associate editor for IEEE Security and Privacy; general chair for the New Security Paradigms Workshop and Homeland Security Technology Conference; and numerous other program and advisory committees.

Prior to joining the staff at APL, Longstaff was the deputy director for technology for the CERT Division at the Software Engineering Institute. In his 15-year tenure at the SEI CERT Division, he helped create many of the projects and centers that made the program an internationally recognized network security organization. His work included assisting the Department of Homeland Security and other agencies to use response and vulnerability data to define and direct a research and operations program in analysis and prediction of network security and cyber terrorism events.

Longstaff received his bachelor’s degree in physics and mathematics from Boston University and his master’s degree in applied science and his Ph.D. in computer science from the University of California, Davis.