Mr John deCraen

John deCraen is an Associate Managing Director and Expert Witness in Cybersecurity Advisory Services based In Texas.

He is an executive computing, digital forensics and cybersecurity expert with more than two decades of delivering high-profile enterprise-class solutions to Global 500 businesses and AmLaw 100 law firms that are enriched with strategic and technical cybersecurity program leadership and guidance built on demonstrable experience.

He has served as Virtual Chief Information Security Officer for clients across many industries, with a primary focus in the financial, insurance and academic sectors. He has provided leadership to technical teams as well as advisory and consultative guidance to executive management and Board of Directors, and represent clients and counsel in numerous litigation matters as an expert in various types of disputes, digital forensic investigations and cybersecurity matters.

John represent clients in numerous data privacy engagements providing expert advisory services specific to privacy regulations and privacy protections, including CCPA/RA, GDPR, PIMS and state-level privacy laws, and represents Kroll in client cybersecurity Incident response matters, ranging from extortion to massive encrypt/exfil cases. He manages all aspects of the response including all technical and forensic work, client and counsel communications and threat actor negotiations.

He coordinates with third parties to manage appropriate ransomware payments, post-ransom decryption and client-actioned remediation efforts. He provides for expert understanding of the breach lifecycle and cyber kill-chain that includes wide experience with all manner of ransomware and malware, associated tools and actors, and specialises in non-incident cybersecurity/forensic related investigation matters including fraud, Personal Health Information (PHI) and Personally Identifiable Information (PII) loss.

Member of NIST Cybersecurity Center of Excellence (NCCoE)