Brian Craig

Counsel

Washington, D.C.
T +1.202.861.1662
F +1.202.861.1783

Overview

With more than 25 years of experience, Brian Craig advises clients on proactive cybersecurity and data privacy practices, serious data breach incident response, regulatory compliance and information technology transactions with an emphasis on the unique challenges faced by government contractors. He has worked in highly regulated industries and across international jurisdictions in senior leadership roles counseling the largest U.S. aerospace and defense contractors.

Brian has particular expertise in the challenges cybersecurity presents for government contractors, including cyber incident response reporting and responding to government, prime-contractor and supply chain inquiries. His proactive work includes drafting system security plans and the preparation of cybersecurity self-assessments. He also assists clients evaluating DoD Cybersecurity Maturity Model Certification (CMMC), security obligations under FAR 52.204-21, NIST SP 800-171 and other standards. Brian’s information technology transactional experience in this area includes cloud service provider agreements and associated cybersecurity obligations.

Previously, Brian led the cybersecurity and data privacy practice at a large U.K. law firm where he advised clients on all aspects of compliance with the General Data Protection Regulation (GDPR). He has led cybersecurity breach response, managed forensic investigations and provided legal advice on response requirements, ransomware attacks and any compromise or fraud that occurs as a result. Brian recommends proactive policies and cybersecurity standards in order to deter such attacks. He has also worked with cybersecurity startups offering managed services, public key infrastructure technology and mobile facial recognition solutions. Brian is a sought-after speaker and writer who routinely advises boards of directors and senior executives and staff on cybersecurity and privacy issues.

Drawing from his time in senior in-house counsel roles at multinational aerospace and defense contractors, Brian provides clients with comprehensive legal and business advice while assisting in developing data security procedures, protections and breach response governance that fit their unique goals.

Select Experience

  • Advised a FTSE-listed tobacco company on the cybersecurity and privacy aspects of new product development for e-cigarettes, including an analysis of the implications and recommendations for the integration of social networking, health data capture and facial recognition technology into products.
  • Drafted contractual provisions and supported negotiations for the London Metropolitan Police participation in a counter terrorism information sharing platform with a particular emphasis on cybersecurity and data privacy controls and technology.
  • Developed and delivered GDPR and cybersecurity awareness training and drafted policies, controls and procedures for international banks and provided audit letters demonstrating compliance.
More »

Experience

  • Advised a FTSE-listed tobacco company on the cybersecurity and privacy aspects of new product development for e-cigarettes, including an analysis of the implications and recommendations for the integration of social networking, health data capture and facial recognition technology into products.
  • Drafted contractual provisions and supported negotiations for the London Metropolitan Police participation in a counter terrorism information sharing platform with a particular emphasis on cybersecurity and data privacy controls and technology.
  • Developed and delivered GDPR and cybersecurity awareness training and drafted policies, controls and procedures for international banks and provided audit letters demonstrating compliance.

Recognitions and Memberships

Prior Positions

  • Lockheed Martin, London, UK: European General Counsel (2008 to 2012)
  • Lockheed Martin Corp.: Transactions Counsel (2005 to 2008)

Military Service

U.S. Army: Captain (North Carolina and Korea)

Admissions

  • District of Columbia

Education

  • J.D., American University Washington College of Law
  • B.A., Politics, Catholic University of America

Blog

In The Blogs

Previous Next
Data Counsel
Reporting Cyberattacks: Challenges for US Government Defense Contractors
By Orga Cadet, Brian Craig
December 20, 2021
A report published by the U.S. Government Accountability Office (GAO) on Dec. 8, 2021, highlights the complexity surrounding cybersecurity compliance for the Department of Defense (DOD) and its contractors. The GAO’s report recommended...
Read More ->
Data Counsel
Welcome Brian Craig to the Digital Assets and Data Management Group
By Brian Craig, Theodore J. Kobus III
December 3, 2021
Please join me in welcoming Counsel Brian Craig to the Digital Assets and Data Management Group. Brian is located in our Washington, D.C. office and is a member of the Digital Risk Advisory and Cybersecurity (DRAC) Team. Brian has deep...
Read More ->