Scott Hanson



Associate Managing Director & Head of Global Security Operations

Scott Hanson is an associate managing director and Head of Global Security Operations in the Cyber Risk practice, based in Secaucus.

Kroll Responder

Scott leverages more than a decade of experience in enterprise information technology, with significant expertise in endpoint detection and response (EDR), security incident and event management (SIEM) and related technologies. His primary focus at Kroll is helping clients enhance or restore network security through continuous threat detection, incident response and “triage” forensics.

Prior to joining Kroll, Scott  served as an information systems analyst at ExxonMobil Global Services Company.  In that role, he was responsible for incident investigation and security engineering. Throughout his career, Scott has participated in hundreds of incident response investigations, has implemented and managed countless enterprise technology solutions and has managed information security teams around the world.

Scott received a master’s degree in information systems management and a B.S. in information systems from Brigham Young University. He also holds numerous certifications, designating him as a GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Certified Systems Auditor (CISA) and PCI Qualified Security Assessor (QSA).

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.


Proactively monitor, detect and respond to threats virtually anywhere – on endpoints and throughout the surface, deep and dark web.

24x7 Incident Response

Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.

Virtual CISO (vCISO) Advisory Services

Kroll’s Virtual CISO (vCISO) services help executives, security and technology teams safeguard information assets while supporting business operations with augmented cyber expertise to reduce business risk, signal commitment to data security and enhance overall security posture.

Incident Response and Litigation Support

Kroll’s elite security leaders deliver rapid responses for over 3,000 incidents per year and have the resources and expertise to support the entire incident lifecycle.

Incident Remediation and Recovery Services

Cyber incident remediation and recovery services are part of Kroll’s Complete Response capabilities, expediting system recovery and minimizing business disruption.

Malware and Advanced Persistent Threat Detection

Our expertise allows us to identify and analyze the scope and intent of advanced persistent threats to launch a targeted and effective response.

Computer Forensics

Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.

Malware Analysis and Reverse Engineering

Kroll’s Malware Analysis and Reverse Engineering team draws from decades of private and public-sector experience, across all industries, to deliver actionable findings through in-depth technical analysis of benign and malicious code.

Threat Exposure and Validation

Proactively identify your highest-risk exposures and address key gaps in your security posture. As the No. 1 Incident Response provider, Kroll leverages frontline intelligence from 3000+ IR cases a year with adversary intel from deep and dark web sources to discover unknown exposures and validate defenses.