Andreas Ostenfeldt
Clayton Utz
Andreas is a highly experienced cybersecurity expert, specializing in cyber crisis management and incident response. With extensive experience spanning across multiple regions, including Latin America, North America, Europe, Asia Pacific, and Oceania, Andreas has worked with both local and global organizations to prepare for and respond to a broad range of cyber threats, such as ransomware, data breaches, and insider threats.
Throughout Andreas’ career, he has been instrumental in helping organizations build resilience against cyber threats. With a strong background in actively responding to real time threats, developing cyber response runbooks, conducting simulation exercises, cyber incident response framework assessments and uplifts , as well as advising on both operational and technical improvements, Andreas brings a holistic approach to cyber incident management, ensuring that clients are prepared for, and can effectively respond to, emerging threats, boosting their long-term resilience..
- Conducted a comprehensive cyber incident response assessment and capability uplift for a national fire department, enhancing their ability to respond to cyber threats.
- Supported government agencies in developing and implementing cyber incident response playbooks and guidelines, streamlining response efforts across multiple departments.
- Provided cybersecurity advisory and incident response support for a leading mining company, with a focus on IT, OT, and IoT security.
- Worked with a major healthcare organization to contain and remediate multiple ransomware incidents, safeguarding sensitive information and restoring critical services.
- Served as part of the Cyber Incident Response Management Team for a large global bank, managing numerous high-impact incidents with both local and global repercussions in the financial sector.
- Supported organisations with designing and operationalising data breach notifications programs.
Andreas’ work has consistently focused on enabling organizations to improve their cyber resilience, combining technical expertise with strategic insights to foster a proactive and prepared cybersecurity and incident response posture.