Skip to main content

Andrew Rafla

Principal | Cyber Risk Advisory | US

Andrew, a principal at Deloitte & Touche LLP, is a member of the Cyber & Strategic Risk practice of Deloitte Risk & Financial Advisory. 

He has a deep technology and operations background spanning his 20+ year career in cybersecurity. Andrew focuses on helping clients enhance operational efficiency while reducing exposure to cyberthreats and managing operational, regulatory, and emerging risks.

Andrew is currently Deloitte’s Zero Trust offering leader and has extensive experience in network and infrastructure security, adversarial simulation, security operations, and security logging and monitoring. He primarily focuses on serving some of the world’s largest financial services organizations but also has experience in other industries and verticals such as federal/ department of defense (classified and unclassified), power and utilities, retail, and life sciences.

Andrew received a BS in Computer Science from Rutgers University and an MS in Information Assurance from Capitol Technology University. He is also a Certified Information Systems Security Professional (CISSP) and is certified through the SABSA Chartered Foundation.