Most cybersecurity advisors come from one world — enterprise, consulting, or high-growth SaaS. Brandywine Cyber is the independent practice of Brian Nolan, who has led security across all three, with M&A cybersecurity running through every stop.
Surface deal-affecting cyber risk before close. Diligence focused on transaction risk, integration cost, and what changes after the wire hits — informed by $1B+ enterprise acquisitions and a high-volume fintech and Web3 M&A pipeline.
Make diligence findings actionable. Post-close integration plans that sequence remediation against the value-creation plan and keep security from becoming the bottleneck.
Senior security leadership without the full-time hire. For SaaS, fintech, and regulated technology companies navigating audit readiness, enterprise sales motions, or board reporting.
About
Brian Nolan founded Brandywine Cyber after two decades leading security across enterprise, consulting, and high-growth SaaS environments.
Most recently Head of Security and IT at Tilt, where he delivered consecutive SOC 2 Type II audits with zero exceptions. Previously Director of Security & Technology M&A at Kraken Digital Asset Exchange, owning diligence across a high-volume fintech and Web3 pipeline. Before that, VP of Security Strategy & Operations at Comcast Business, an $8B unit serving 2M+ customers, where he led the M&A cybersecurity program through a $1B+ enterprise technology acquisition. Earlier, he scaled OpenSky's security consulting practice to $30M+ in annual revenue across 750+ Fortune 500 engagements, leading to its acquisition by TÜV Rheinland.
Brandywine Cyber is built on that experience: pragmatic, senior-level advisory tailored to fast-moving transactions, lean operating environments, and technology-driven businesses.
Brian Nolan
Founder & Principal
Background
Tilt · Kraken Digital Asset Exchange · Comcast Business · TÜV Rheinland (OpenSky) · Core BTS
CISSP since 2004 · B.A., Hobart and William Smith Colleges
Selected Achievements
Led cybersecurity diligence and post-close integration for a $1B+ enterprise technology acquisition at Comcast Business.
Directed M&A security across a high-volume fintech and Web3 transaction pipeline at Kraken, with findings that influenced deal valuation — and in one case, the decision not to proceed.
Achieved consecutive SOC 2 Type II audits with zero exceptions at a high-growth SaaS company, accelerating enterprise sales cycles in regulated industries.
Drove an $8B Comcast business unit through a full ISO 27001 and NIST CSF transformation, achieving the best internal audit results in the company's history.
Designed and launched a cloud-native MDR service at TÜV Rheinland, establishing a recurring revenue stream across North America, EMEA, and APAC.
Scaled OpenSky's security practice to $30M+ in annual revenue across 750+ Fortune 500 engagements, leading to acquisition by TÜV Rheinland.
Secured ADP as an anchor client through an M&A security assessment that expanded into a year-long engagement building their enterprise M&A security program.
Engagement Structure
Diligence — Fixed-fee, scoped to deal timelines. Typical engagements run 1–3 weeks for targeted reviews; longer for full Phase II.
Fractional CISO — Monthly retainer, scaled to company stage and security maturity.
Portfolio advisory — Retainer or outcome-aligned, depending on scope.
Initial conversations are confidential and typically begin with a brief discovery call.
Services
M&A Diligence
Integration & Advisory
Fractional CISO