Brian Craig

Counsel

Washington, D.C.
T +1.202.861.1662
F +1.202.861.1783

Overview

Brian Craig is one of the BakerHostetler attorneys dedicated to clients in the government contracting sector. He provides advice and counsel to government contractors and has an in-depth knowledge of the rules and regulations that drive the government contracts industry. In his practice, Brian counsels and represents contractors in a wide range of matters involving all aspects of federal government contracting. Brian has particular experience in the challenges cybersecurity presents for government contractors, including cyber incident response reporting and responding to government, prime-contractor and supply chain inquiries. His work in this area includes drafting system security plans and the preparation of cybersecurity self-assessments. He also assists clients evaluating DoD Cybersecurity Maturity Model Certification (CMMC), security obligations under FAR 52.204-21, NIST SP 800-171 and other standards. Brian’s information technology transactional experience in this area includes cloud service provider agreements and associated cybersecurity obligations.

Previously, Brian led the cybersecurity and data privacy practice at a large U.K. law firm where he advised clients on national security matters and compliance with the General Data Protection Regulation (GDPR). He has led cybersecurity breach response, managed forensic investigations and provided legal advice on response requirements, ransomware attacks and any compromise or fraud that occurs as a result. Brian recommends proactive policies and cybersecurity standards in order to deter such attacks. He has also worked with cybersecurity startups offering managed services, public key infrastructure technology and mobile facial recognition solutions. Brian is a former Army officer and sought-after speaker and writer who routinely advises boards of directors and senior executives and staff on cybersecurity and privacy issues.

Drawing from his time as senior in-house counsel in roles at the largest multinational aerospace and defense contractors, Brian provides clients with comprehensive legal and business advice while assisting in developing data security procedures, protections and breach response governance that fit their unique goals.

Select Experience

  • Advised a FTSE-listed tobacco company on the cybersecurity and privacy aspects of new product development for e-cigarettes, including an analysis of the implications and recommendations for the integration of social networking, health data capture and facial recognition technology into products.
  • Drafted contractual provisions and supported negotiations for the London Metropolitan Police participation in a counter terrorism information sharing platform with a particular emphasis on cybersecurity and data privacy controls and technology.
  • Developed and delivered GDPR and cybersecurity awareness training and drafted policies, controls and procedures for international banks and provided audit letters demonstrating compliance.
More »

Experience

  • Advised a FTSE-listed tobacco company on the cybersecurity and privacy aspects of new product development for e-cigarettes, including an analysis of the implications and recommendations for the integration of social networking, health data capture and facial recognition technology into products.
  • Drafted contractual provisions and supported negotiations for the London Metropolitan Police participation in a counter terrorism information sharing platform with a particular emphasis on cybersecurity and data privacy controls and technology.
  • Developed and delivered GDPR and cybersecurity awareness training and drafted policies, controls and procedures for international banks and provided audit letters demonstrating compliance.

Recognitions and Memberships

Prior Positions

  • Lockheed Martin, London, UK: European General Counsel (2008 to 2012)
  • Lockheed Martin Corp.: Transactions Counsel (2005 to 2008)

Military Service

U.S. Army: Captain (North Carolina and Korea)

Admissions

  • District of Columbia

Education

  • J.D., American University Washington College of Law
  • B.A., Politics, Catholic University of America

Blog

In The Blogs

Previous Next
Data Counsel
Could Careless Coders Face False Claims Liability?
By Brian Craig, Stephen E. Ruscus
October 28, 2022
New Software Development Security Attestation and Related False Claims Act Liability for Commercial and Noncommercial Software Developers and Suppliers Key takeaway Software producers at all levels in the federal supply chain should...
Read More ->
Data Counsel
Reporting Cyberattacks: Challenges for US Government Defense Contractors
By Orga Cadet, Brian Craig
December 20, 2021
A report published by the U.S. Government Accountability Office (GAO) on Dec. 8, 2021, highlights the complexity surrounding cybersecurity compliance for the Department of Defense (DOD) and its contractors. The GAO’s report recommended...
Read More ->
Data Counsel
Welcome Brian Craig to the Digital Assets and Data Management Group
By Brian Craig, Theodore J. Kobus III
December 3, 2021
Please join me in welcoming Counsel Brian Craig to the Digital Assets and Data Management Group. Brian is located in our Washington, D.C. office and is a member of the Digital Risk Advisory and Cybersecurity (DRAC) Team. Brian has deep...
Read More ->