DETAILED BIOGRAPHY

AndrewAndrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

PRESENTATIONS

  • (ISC)² CyberSecureGov
  • (ISC)² Security Congress
  • AccessData User Conference
  • ArchCon
  • BSides Boston
  • BSides Detroit
  • BSides Las Vegas
  • BSides New Orleans
  • BSides Ottawa
  • BSides San Francisco
  • Baythreat
  • Black Hat
  • Bsides Los Angeles
  • CircleCityCon
  • CISO Executive Summit
  • ChefConf
  • Cloud Security World
  • CloudBeat
  • Converge Conference
  • Cornerstones of Trust
  • Data Breach Investigation Summit
  • EDUCAUSE Security Conference
  • HackMiami
  • HTCIA Atlantic Canada
  • IANS Forum Dallas
  • IANS Forum New York
  • IANS Forum San Francisco
  • IEEE Computer Society
  • IRISSCERT Cyber Crime Conference (IRISSCON)
  • ISOI APT 3
  • ISOI XIV
  • ISSA International Conference
  • ISSA San Francisco
  • Intelligent Defence
  • Interop
  • Kaspersky Security Startup Challenge
  • Minnesota Information Security Community (MISC.conf) Conference
  • Next Generation Networks Technical Awareness Session (TAS)
  • OpenStack Summit
  • PuppetConf
  • RSA Conference
  • RSA Security Conference
  • SANS Digital Forensics & Incident Response (DFIR) Summit
  • SANS Network Security
  • SANS Threat Hunting & Incident Response (THIR) Summit
  • SANS Tool Talk
  • SANS Toronto
  • SOURCE Barcelona
  • SOURCE Boston
  • SOURCE Seattle
  • SXSW Interactive Festival
  • Tactical Edge
  • iTrust and PST Conferences on Privacy, Trust Management and Security

PROFESSIONAL MEMBERSHIPS

  • International Information Systems Security Certification Consortium (ISC2)
  • High Technology Crime Investigation Association (HTCIA)
  • Information Systems Audit and Control Association (ISACA)
  • National Electric Sector Cybersecurity Organization (NESCO)
  • Energy Sector Security Consortium (EnergySec)
  • Penetration Testing Execution Standard (PTES)
  • InfoSecMentors Project
  • Cloud Security Alliance (CSA)
  • Open Web Application Security Project (OWASP)

BOARD MEMBERSHIPS

  • Global Information Assurance Certification (GIAC) Advisory Board
  • Countermeasure 2012, 2013 Advisory Board
  • BSides Ottawa Advisory Board
  • OWASP Lethbridge – Chapter Leader

PUBLICATIONS

  • OSSEC Host-based Intrusion Detection Guide (Syngress, ISBN 9781597492409, March 2008)
  • Nokia Firewall, VPN, and IPSO Configuration Guide (Syngress, 9781597492867, November 2008)
  • Nagios 3 Enterprise Network Monitoring (Syngress, 9781597492676, June 2008)
  • The Cyber-Security Playbook (The 451 Group, Enterprise Security Practice, April 2011)
  • 451 Research: https://www.451research.com/search?author=Andrew+Hay

EDUCATION

  • Algonquin College of Applied Arts and Technology, Computer Science (1997)
  • The SANS Institute, Intrusion Detection In-Depth (2006)
  • The SANS Institute, Hacker Techniques, Exploits & Incident Handling (2006)
  • The SANS Institute, Computer Forensic Investigations and Incident Response (2009)
  • The SANS Institute, Securing Windows (2009)
  • Offensive Security, Penetration Testing with Backtrack (2011)
  • Lofty Perch, Inc., SCADA and Control Systems Cyber Security (2011)
  • Harvard Business School ManageMentor, Budgeting (2011)
  • Harvard Business School ManageMentor, Finance Essentials (2011)
  • Harvard Business School ManageMentor, Marketing Essentials (2011)
  • Harvard Business School ManageMentor, Negotiating (2011)
  • Chef Introductory Workshop – Managing Windows (2013)
  • Penetration Testing with Metasploit (2013)
  • Python For Security Professionals (2013)
  • The SANS Institute, Reverse Engineering Malware (2013)
  • The Data Scientist’s Toolbox, The Johns Hopkins University (2014)

PROFESSIONAL CERTIFICATIONS

  • Cisco Certified Network Associate (CCNA)
  • Red Hat Certified Technician (RHCT)
  • Red Hat Certified Engineer (RHCE)
  • CompTIA Security+
  • Check Point Certified Security Administrator (CCSA)
  • Check Point Certified Security Expert NGX (CCSE)
  • Check Point Certified Security Expert Plus (CCSE Plus)
  • GIAC Certified Security Essentials (GSEC)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • Certified Information Systems Security Professional (CISSP)