Thomas Brittain is an associate managing director with the Cyber Risk practice of Kroll, a division of Duff & Phelps, based in St. Louis. He has over 14 years of information security experience advising organizations on secure configurations, risk reduction, incident response, and tackling tough security challenges.

Thomas joined Duff & Phelps from Carbon Black, where he was senior manager of the firm’s global incident response (IR) partner program. As co-creator, Thomas grew the program to include over 75 active IR firms and advised those firms on threat hunting and security strategy leveraging Carbon Black. Prior to Carbon Black, Thomas held positions with the U.S. Department of Defense (DoD) and Intelligence Community, including as a cyber security engineer for Scope EDGE, the Air Force’s premier security and vulnerability assessment team. He also has experience serving as an information and cyber security specialist for the aerospace industry and the Air National Guard. 

Thomas’ experience ranges from incident response and security assessments to building and leading security programs. He is a Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) and a GIAC Certified Incident Handler. In addition, Thomas is an active member of the Air National Guard, where his work includes system administration, network defense and digital network intelligence.

Select Media Appearances
  • “50% of Cyberattacks Target Supply Chain, Seek Lateral Movement”, Health IT Security
  • “Island Hopping Hackers: MSPs Beware”, MSSP Alert
  • “50% of Attacks Leverage “Island Hopping” Says Carbon Black”, Solutions Review

  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • GIAC Certified Incident Handler (GCIH) 


Brittain /en/our-team/thomas-brittain /-/media/kroll/images/headshots/managing-directors/thomas-brittain.ashx people {78D3F940-BF08-40FB-A7F6-B55FB2D9165B} {3C7B541B-9C46-4B7C-B32F-5171B3FA949B} {A3B7E209-8F10-4915-AF25-183D9A8364FC} {1AB4A94D-BDC5-4744-81D9-A9DF250E9807} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}

Related Services

Cyber Risk

Cyber Risk

End-to-end cyber security services provided by unrivaled experts.

Cyber Risk