Andrew (Andy) Davison is a Managing Director at CFGI, where he leads the firm’s UK Cybersecurity practice. With more than 15 years of experience in technology, risk, and cybersecurity, Andy advises clients across financial services, private equity, insurance, government, manufacturing, oil and gas, and legal sectors. He specializes in interim and virtual CISO leadership, cyber strategy and roadmaps, risk management, security architecture, and transformation programs that improve cyber maturity and resilience.
Andy has led security programs for multinational organizations ranging from FTSE 100 companies to government entities. He brings deep expertise in deploying, managing, and securing digital ecosystems, with hands-on experience implementing security solutions, embedding cybersecurity processes, and building resilient IT systems. As a trusted advisor to executive leadership and boards, Andy is recognized for his ability to contextualize and align cyber risk with business priorities, set security strategy, and deliver practical roadmaps. Prior to joining CFGI, Andy was a Director at Alvarez & Marsal, where he oversaw the UK cybersecurity team, leading pre-acquisition due diligence, post-acquisition programs, and interim CISO roles. Earlier in his career, he held positions implementing security transformations, running penetration testing services, and leading vCISO teams.
Andy holds multiple professional certifications, including CISSP, CCSP, CRISC, Microsoft Azure Solution Architect Expert, AWS Security Professional, and AWS Solution Architect.