About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

The False Sense of Security: SSL Visibility & Decryption on the Network Edge with Andrew Hay, Senior Analyst, The 451 Group With the recent SSL Certificate Authority breaches, our inherent trust in SSL has been compromised. For the same reasons SSL is optimal for insuring privacy and confidentiality, it has become an avenue for hackers to exploit in order to penetrate networks that lack visibility into that encrypted traffic. Headlines on the Comodo, KPN and DigiNotar breaches have called the ability for SSL to provide trustworthy authenticity into question. Authenticity is not optional for secure communication. Can we afford to put our...

Read More

If you’ve read the headlines throughout the first part of this year, you will have noticed that high-profile, targeted security breaches are becoming increasingly commonplace. The reality has set-in for executives: preventive measures alone are not enough to effectively counter targeted threats. Organizations must be prepared to detect and respond. Join MANDIANT’s Dave Merkel and Andrew Hay of The 451 Group as they discuss the prevalence of targeted breaches through the eyes of a vendor and a security analyst, respectively. The webinar is on Wednesday, August 31st 2011 at 4pm EDT and can be found here....

Read More