Thomas Lee

Thomas Lee

Cybersecurity expert

Dr. Thomas Lee is the CEO and co founder of VivoSecurity, a Silicon Valley company specializing in advanced data collection, regression modeling, and statistical methods to quantify the inherent randomness of cybersecurity incidents. His work focuses on bringing scientific rigor to cyber risk measurement, enabling organizations to better understand, forecast, and mitigate the probabilistic nature of cyber events.

Dr. Lee has developed predictive models for online banking fraud, personally identifiable information (PII) breach probability, and post breach litigation exposure. His research bridges cybersecurity, applied mathematics, and risk analytics, offering organizations a more empirical foundation for decision making in environments characterized by uncertainty and adversarial behavior.

He has presented his work across ISACA, ISC2, and ISSA chapters, as well as at major international cybersecurity conferences, including SecTor Canada 2024 in Toronto, ISC2 Security Congress 2025, and the ISACA Los Angeles GRC Spring Conference. His sessions are known for translating complex statistical concepts into practical frameworks that cybersecurity and risk leaders can apply to real world challenges.

Dr. Lee serves on the Advisory Board of the San José State University (SJSU) Center for Artificial Intelligence and Cybersecurity, where he contributes to academic industry collaboration on emerging cyber risk methodologies. He is also a principal investigator in the Information Risk Management Laboratory at SJSU, conducting research on quantitative risk modeling and the statistical behavior of cyber incidents.

He holds multiple patents and has published extensively in peer reviewed scientific journals, reflecting his long standing commitment to advancing the empirical foundations of cybersecurity. Dr. Lee earned dual Bachelor of Science degrees in Physics and Electrical Engineering from the University of Washington, followed by a PhD in Biophysics from the University of Chicago, where he specialized in computational and quantitative methods.

Across his academic, research, and industry leadership roles, Dr. Lee is recognized for bringing a uniquely scientific perspective to cybersecurity—one that emphasizes measurement, modeling, and the disciplined quantification of uncertainty to strengthen organizational resilience.

Conference The Unique Role of the IT Audit-Savvy Internal Auditors in Solving a Major Unmanaged Risk
Theme Internal Audit Facing Third-Party Risk

|