Kroll Associates, Inc.
100 Centerview Drive, Suite 300
Marc Brawner is a Principal with Kroll’s Cyber Security and Investigations practice, based in the Nashville office. With over 20 years of experience in information technology, including 16 years focused on information security, Marc is an expert in cyber risk management, incident response and computer forensics investigations.
Marc rejoined Kroll in 2013 after spending 7 years leading Marsh & McLennan Companies’ global incident response and risk assessment team. Prior to this, from 1999-2006 Marc served in multiple capacities at Kroll including Information Security Officer, Senior Security and Forensics Analyst, and Senior Systems Architect.
Marc’s diverse background across multiple facets of information technology, coupled with years of experience as a consultant, practitioner, and manager provide a unique blend of knowledge and understanding of the challenges both IT and security organizations face.
Marc has participated in hundreds of incident response, computer forensics, and risk assessment activities, implemented and managed enterprise technology solutions, led vendor and regulatory compliance programs, and managed global information technology and security teams. He works closely with legal, HR, and compliance personnel at organizations worldwide to deliver significant value and savings through creative use of cyber security and forensic capabilities.
Incident Identification and Response
Marc has years of experience identifying and responding to cyber security intrusions across multiple industries, as well as assessing networks and systems for the presence of malicious threats and developing effective remediation strategies. Marc served as an expert witness for the US government on the topic of incident response.
Corporate Espionage and Insider Threats
Marc’s forensic work has uncovered major global corporate espionage activities and significant cases of theft of intellectual property by otherwise trusted insiders. Marc served as a lead forensic investigator at Enron during its bankruptcy.
Vendor Risk Management
Marc has extensive experience addressing information security challenges as both a consumer and as a provider of vendor services.
Audits and Assessments
Marc has led and participated in dozens of internal and external audit engagements and compliance initiatives in areas such as SOX, PCI, ISO27001, HIPAA, and FSA.
Corporate IT and Information Security
Marc has served as both a consultant to and a practitioner within information technology and security organizations; providing diverse perspectives on challenges and solutions.
Education and Certifications
- B.S., Computer Science, Lipscomb University
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- Qualified Security Assessor, PCI Security Standards Council (QSA)
Affiliations and Memberships
- International Information Systems Security Certification Consortium, Inc. (ISC2), Member
- Information Systems Security Association (ISSA), Senior Member
- Information Systems Audit and Control Association (ISACA), Member
- Middle Tennessee ISC2 Chapter Board Member