Thomas Brittain
Thomas Brittain

Thomas Brittain

Managing Director

Thomas Brittain is a managing director in the Cyber Risk practice of Kroll, a division of Kroll, based in St. Louis. He has over 14 years of information security experience advising organizations on secure configurations, risk reduction, incident response, and tackling tough security challenges.

Thomas joined Kroll from Carbon Black, where he was senior manager of the firm’s global incident response (IR) partner program. As co-creator, Thomas grew the program to include over 75 active IR firms and advised those firms on threat hunting and security strategy leveraging Carbon Black. Prior to Carbon Black, Thomas held positions with the U.S. Department of Defense (DoD) and Intelligence Community, including as a cyber security engineer for Scope EDGE, the Air Force’s premier security and vulnerability assessment team. He also has experience serving as an information and cyber security specialist for the aerospace industry and the Air National Guard. 

Thomas’ experience ranges from incident response and security assessments to building and leading security programs. He is a Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) and a GIAC Certified Incident Handler. In addition, Thomas is an active member of the Air National Guard, where his work includes system administration, network defense and digital network intelligence.

Select Media Appearances
  • “50% of Cyberattacks Target Supply Chain, Seek Lateral Movement”, Health IT Security
  • “Island Hopping Hackers: MSPs Beware”, MSSP Alert
  • “50% of Attacks Leverage “Island Hopping” Says Carbon Black”, Solutions Review

  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • GIAC Certified Incident Handler (GCIH) 



Brittain /en/our-team/thomas-brittain /-/media/kroll/images/headshots/managing-directors/thomas-brittain-updated.jpg people {E39587AD-8F0B-4FE2-865F-969BC5501096}{3A077BFC-C74A-40AF-A14C-13BCF6E3873E}{017AF13C-E8EA-412B-9488-C67D28107B27}{E538E14D-C192-4A8E-8861-504D0EEBF99A} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}

Stay Ahead with Kroll

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

24x7 Incident Response

Enlist experienced responders to handle the entire security incident lifecycle.

24x7 Endpoint Detection and Response

Intelligent Endpoint detection and response: Maximum confidence in data security


Proactively monitor, detect and respond to threats virtually anywhere – on endpoints and throughout the surface, deep and dark web.