About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

We already know that one of the most common issues in every security breach is that organizations don’t always know what’s in their data. However, for many companies, another risk factor plays a major role …

The post Putting security on the map: How geography affects your data appeared first on DataGravity Blog.

...

Read More
scientistsI, like many in the information security industry, submit talks to a number of conferences every year. The more conferences I submit to, however, the more apparent it becomes (at least to me) that a more scientific approach to the call for papers/proposal (CFP) process is required to reduce bias. I’m not saying that any or all of the CFP committee participants, or the conference itself, is guilty of malicious or intentional bias. Science has shown that there will always be irrational cognitive biases, whether intentional or not, that affect our decision making process. In a CFP process this could manifest itself as bias towards any number of things such as a particular topic, an individual’s past, sexual orientation or identification, company or industry affiliation, and even the grammar of the submission itself.
 
I see the CFP process as a reproducible experiment. As such, an experiment of this nature requires a number of things to be conducted successfully in a measurable and repeatable fashion. The following list of ideas are the result of a personal brainstorm of what I would like to see included as a part of the CFP process (in no particular order):