Andrew Weidenhamer

Andrew Weidenhamer is a Principal in RSM LLP's Technology Risk Advisory Services practice, bringing nearly 20 years of consulting experience in information security and data governance. With a unique blend of technical expertise and business acumen, Andrew has led a wide range of public sector engagements, from tactical penetration testing and red teaming to statewide NIST cybersecurity assessments and strategic roadmap development. As the Cyber Public Sector Lead, he oversees large government projects, drives thought leadership, supports talent development, and contributes to business growth initiatives.
Outside of his role at RSM, Andrew is an active leader in the cybersecurity community. He co-leads the DC OWASP chapter and has helped organize major industry events, including OWASP's flagship U.S. conference, AppSec USA. Andrew has spoken at numerous national conferences such as MACo, ISACA, Defcon, OWASP AppSec, and the Rochester Security Summit. He has collaborated with security researchers on penetration testing tool development and is credited as a contributing author to a well-known red teaming book. Andrew maintains his technical edge through ongoing training and holds certifications including CISSP, CISA, and OSCP. His representative experience includes advising state CISOs, leading enterprise vulnerability and identity management programs, serving as a virtual CISO for SMBs, and managing a global team of over 50 security professionals.
AC25 Session: Cybersecurity by Design: Planning for What's Next