About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

In my first post I detailed the choices that led me from my original plan of being a history teacher, to dropping out of my computer science program, to starting my first help desk job. After 2 years of working at Taima (now Convergys), I felt that I had hit a wall. The job no longer challenged me and became very monotonous. I decided to put my resume out there to see if anyone was looking for someone with my skill set. I learned very quickly that call center technicians are typically only hired for other call center...

Read More

My post about Mike Murray's Building a Sustainable Security Career article made me think about the question that gets asked to every security professional at some time during their career - "How did you get to where you are?" Everyone follows a different path but some of our journey's start out quite differently. In this 3 part series I'll attempt to explain how I went from a average High School student, with aspirations of being a history teacher, to the leader of a team of security-oriented software developers for a successful startup. Part 1 - The Choice In grade 11 I was...

Read More

There was a great post over at the nCircle Sync blog entitled “Do you still value your CISSP?” by Andrew Storms. I have yet to attain this certification but I plan on sitting for the exam in the coming months because I believe it to be a valuable asset in my personal development plan. The reason this post stood out is due to the comments the author received while at his both at RSA: At RSA, I got one of those badge flags saying "ISC2 Member". More than a few people asked "How did you get that?" Then before I could...

Read More