About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

Training That I Would Like…

I often find myself thinking about what training I’d like to help keep my knowledge moving forward. This morning I sat down and wrote up a small list of the training that I would like to receive over the next two years (if possible).

SANS Security 508: Computer Forensics, Investigation, and Response

Description:
Learning more than just how to use a forensic tool, you will be able to demonstrate how the tool functions step-by-step. You will become skilled with tools, such as the Sleuthkit, Foremost, and the HELIX Forensics Live CD. We will rapidly move on to advanced forensic and investigation analysis topics and techniques. This SANS hands-on technical course arms you with a deep understanding of the forensic methodology, tools, and techniques to solve even the most difficult case.

Reason:
I’ve always been interested in Forensic Analysis but have never received any formal training. I know how to handle incidents and safeguard data for further investigation but I don’t know how to take that next step. Plus, being able to pull something from nothing is a really cool concept 🙂

SANS Security 560: Network Penetration Testing and Ethical Hacking

Description:
Attendees will learn how to perform detailed reconnaissance, learning about a target’s infrastructure by mining blogs, search engines, and social networking sites. We’ll then turn our attention to scanning, experimenting with numerous tools in hands-on exercises. Our exploitation phase will include the use of exploitation frameworks, stand-alone exploits, and other valuable tactics, all with hands-on exercises in our lab environment. The class also discusses how to prepare a final report, tailored to maximize the value of the test from both a management and technical perspective. The final portion of the class includes a comprehensive hands-on exercise, conducting a penetration test against a hypothetical target organization, following all of the steps.

Reason:
I know how to run tools like a script kiddie but need, and want, to know more about discovering and exploiting vulnerabilities.

SANS Security 617: Wireless Ethical Hacking, Penetration Testing, and Defenses

Description:
This course takes an in-depth look at these fields, exposing you to wireless security threats through the eyes of an attacker. Using readily available and custom-developed tools, you’ll navigate your way through the techniques attackers use to exploit WiFi networks, including attacks against WEP, WPA/WPA2, PEAP, TTLS, and other systems. We’ll also examine the commonly overlooked threats associated with Bluetooth, WiMAX, and proprietary wireless systems. Using the SWAT toolkit, we’ll back up the course content with hands-on labs and practical exercises designed to reinforce the concepts.

Reason:
I want to take this class for the same reasons mentioned above for Sec 560 but from a wireless angle.

Pentesting with BackTrack :: PWB

Description:
“Pentesting with BackTrack” (previously known as Offensive Security 101) is an online course designed for network administrators and security professionals who need to get acquainted with the world of offensive security. The course introduces the latest hacking tools and techniques, and includes remote live labs for exercising the material presented to the students.

This course gives a solid understanding of the penetration testing process, and is equally important for those wanting to either defend or attack their network. The course can be taken from your home, as long as you have a modern computer with high speed internet.

Reason:
I have heard nothing but good things about this course (mainly from Rob “Mubix” Fuller) and, although I have a copy of BackTrack, I feel that I only use about 1% of it. I want to learn how to use this image to its full potential.

Andrew Hay