Andrew Douglas

Andrew, a managing director at Deloitte & Touche LLP, is the US’s Attack Surface Management leader within the Cyber & Strategic Risk Practice, where he focuses on helping our clients know, assess, and reduce their attack surface across all technology layers, including building defensive and offensive security programs. He leads large scale engagements to design, build, and operate these programs, with an emphasis on cloud enablement. As part of our Cyber infrastructure team, he also leads large scale cyber infrastructure enhancements engagements, focused on improving and automating network security.

He has more than 20 years of experience with Deloitte performing consultative cyber security services for our clients globally. This has included significant work leading large scale cyber internal audit, red teaming, cloud assessment, penetration testing, and vulnerability assessments for clients in the financial services sector, technology, life sciences and health care and other industries, as well as wider cyber security strategy, program, and capabilities assessments.