Thomas Brittain is an associate managing director with the Cyber Risk practice of Kroll, a division of Duff & Phelps, based in St. Louis. He has over 14 years of information security experience advising organizations on secure configurations, risk reduction, incident response, and tackling tough security challenges.

Thomas joined Duff & Phelps from Carbon Black, where he was senior manager of the firm’s global incident response (IR) partner program. As co-creator, Thomas grew the program to include over 75 active IR firms and advised those firms on threat hunting and security strategy leveraging Carbon Black. Prior to Carbon Black, Thomas held positions with the U.S. Department of Defense (DoD) and Intelligence Community, including as a cyber security engineer for Scope EDGE, the Air Force’s premier security and vulnerability assessment team. He also has experience serving as an information and cyber security specialist for the aerospace industry and the Air National Guard. 

Thomas’ experience ranges from incident response and security assessments to building and leading security programs. He is a Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) and a GIAC Certified Incident Handler. In addition, Thomas is an active member of the Air National Guard, where his work includes system administration, network defense and digital network intelligence.

Select Media Appearances
  • “50% of Cyberattacks Target Supply Chain, Seek Lateral Movement”, Health IT Security
  • “Island Hopping Hackers: MSPs Beware”, MSSP Alert
  • “50% of Attacks Leverage “Island Hopping” Says Carbon Black”, Solutions Review

Certifications
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • GIAC Certified Incident Handler (GCIH) 

 

 
Brittain /en/our-team/thomas-brittain /-/media/kroll/images/headshots/managing-directors/thomas-brittain-updated.jpg people {E39587AD-8F0B-4FE2-865F-969BC5501096} {3A077BFC-C74A-40AF-A14C-13BCF6E3873E} {017AF13C-E8EA-412B-9488-C67D28107B27} {E538E14D-C192-4A8E-8861-504D0EEBF99A} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}

Other Areas We Can Help

Cyber Risk

Cyber Risk

Global, end-to-end cyber risk solutions.

Cyber Risk
Incident Response and Litigation Support

24x7 Incident Response

Compliant notifications, reputation-saving remediation, and litigation support.

24x7 Incident Response

Insights

Cyber

Initial Access Brokers: Fueling the Ransomware Threat  - The Monitor, Issue 17

Cyber
Compliance

The Importance of Jurisdictional Risk When Doing Business with Money Services Businesses

Compliance
Cyber

Data Exfiltration in Ransomware Attacks: Digital Forensics Primer for Lawyers

Cyber

News