Brian Lichter

Brian leverages over 15 years of professional experience as a federal prosecutor, litigator at an AmLaw 5 firm, and cybersecurity counsel for a Fortune 200 technology company to help organizations navigate their most complex cyber and digital crises. He co-leads the Complex Digital Events practice for Cyber and Data Resilience.

Prior to joining Kroll, Brian was Managing Director at Stroz Friedberg, where he led investigations into cyberattacks, served as an expert witness, and advised companies and boards of directors on enterprise-wide security. Brian has led investigations into nation-state attacks, ransomware incidents, and insider threats, including theft of trade secrets. Brian has served as a consulting and testifying expert in litigation involving trade secret theft, forensic remediation, and large data breaches. He has also advised clients on national security risks, including matters involving the Committee on Foreign Investment in the United States (CFIUS) and has served as a CFIIUS third-party cybersecurity auditor.

Before that, Brian served as Cybersecurity Counsel and Senior Director for global investigations at Cognizant, an IT services and consulting company. In that role, he directed complex cyber and forensic investigations and oversaw the legal aspects of the company's response to security incidents. He also provided day-to-day legal advice to the Chief Security Officer and CISO relating to red teaming, security assessments, voluntary disclosures and other security issues and directed sensitive internal investigations related to corruption, bribery, fraud and other serious misconduct.

Earlier in his career, Brian served as a litigator at Latham & Watkins LLP and a Trial Attorney with the Criminal Division of the U.S. Department of Justice.

Brian holds a degree in law from Northwestern University Pritzker School of Law and a B.A. in political science and French literature from Washington University in St. Louis.

He regularly presents at industry conferences and is co-author of the chapter on incident response in the Practicing Law Institute's publication, Cybersecurity: A Practical Guide to the Law of Cyber Risk.