Dave Burg



Global Head of Cyber Risk

Dave Burg is Global Head of Cyber Risk, based in Washington, D.C. He joins with more than two decades of experience in cybersecurity spanning risk management, incident response and use of technology to enhance protection against cyber threats.

Previously, Dave led cybersecurity for EY in the Americas, where he was responsible for managing their cyber business and serving clients in all industries and sectors. Dave also served as the Global Cybersecurity Leader for PwC, where he was responsible for developing and executing the business strategy as well as serving multinational clients in the U.S. and around the world. In these roles, Dave has worked extensively alongside global corporations, law firms, and has consulted with regulators and government agencies. He is focused on ensuring there is strong understanding of how to adapt to evolving regulatory changes that impact response and continuity strategies as well as emphasizing the importance of vigilance and proactivity in safeguarding sensitive information and critical systems.

In addition to cybersecurity, Dave also has comprehensive experience in the dispute and investigation space. He began his career in a dispute analysis and investigation unit of PwC where he worked on many significant financial crime investigations including WorldCom, Computer Associates, and Adelphia Communication. Dave was also involved in the Delta/Northwest merger and worked on stock option backdating matters, FCPA, and other domestic and international investigative matters. In addition, Dave led a very large body of work for banks in the United States during the 2008 banking crisis and has experience working in the U.S. Federal space. Over time, cybersecurity became Dave’s primary area of focus as he served as the lead Partner on many cyber incident response teams that resulted in significant cyber transformation opportunities.

Dave is passionate about sharing insights on an array of cyber topics including the importance of comprehensive end-to-end cybersecurity solutions, effective incident response and the strategic use of threat intelligence. Dave has lectured at New York University’s Stern School of Business, Georgetown University, Penn State University and other universities on an array of cybersecurity, risk, and technology topics. He has extensive experience presenting before Corporate Boards. His insights have been featured in the Wall Street Journal, CNBC, Cheddar, CISO magazine, and other national news outlets and trade publications. He is a featured speaker at conferences including SXSW, the World Economic Forum C3 Conference, Gartner Security Summit, Mobile World Congress and at RSA. 

Dave has an MBA from the Raymond A. Mason School of Business at The College of William & Mary and a B.S. from the University of Pennsylvania. He serves on William & Mary’s Business School Foundation Board, as well as on the Cyber Fellows Advisory Council for the NYU Tandon School of Engineering.

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

Incident Response and Litigation Support

Kroll’s elite security leaders deliver rapid responses for over 3,000 incidents per year and have the resources and expertise to support the entire incident lifecycle.

Cyber Governance and Strategy

Manage cyber risk and information security governance issues with Kroll’s defensible cyber security strategy framework.

Threat Exposure and Validation

Proactively identify your highest-risk exposures and address key gaps in your security posture. As the No. 1 Incident Response provider, Kroll leverages frontline intelligence from 3000+ IR cases a year with adversary intel from deep and dark web sources to discover unknown exposures and validate defenses.

Notification, Call Centers and Monitoring

Kroll’s data breach notification, call centers and monitoring team brings global breach response expertise to efficiently manage regulatory and reputational needs.

Kroll Responder MDR

Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.

24x7 Incident Response

Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.

Cyber Threat Intelligence

Threat intelligence are fueled by frontline incident response intel and elite analysts to effectively hunt and respond to threats.

Penetration Testing Services

Validate your cyber defenses against real-world threats. Kroll’s world-class penetration testing services bring together front-line threat intelligence, thousands of hours of cyber security assessments completed each year and a team of certified cyber experts — the foundation for our sophisticated and scalable approach.