About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

I finally broke down and purchased a copy of Microsoft Office 2004 for my Mac. "Why 2004?" you might ask? Well there's a deal on now that if you purchase Office 2004 you'll get a free upgrade to 2008 when it's launched in mid-January. I can't pass that up :) Here is the list: Diversification and Security - Very informative article which discusses, among other things, how the U.S. Army is shifting it's IT infrastructure over to Macs and how this is not a bad thing. Not to give the false impression that there is an Apple on every desk in the army....

Read More

I hope everyone is enjoying their holidays. I decided to take some time off from my guests to post another SBR. Here is the list: How to Spy Using Van Eck Phreaking - Great video showing Van Eck Phreaking. If you're unfamiliar with the concept it looks like something out of a James Bond movie. A description of Van Eck Phreaking can be found at the related Wikipedia entry: Van Eck phreaking is the process of eavesdropping on the contents of a CRT display by detecting its electromagnetic emissions. It is named after Dutch computer researcher Wim van Eck, who in 1985 published...

Read More

I really apologize to my readers for not updating my blog in a while but I've been trying to focus all of my time and effort on my book. I'll do my best to try and keep-on-postin' ;) Here is the list: Regulatory Compliance Q&A - This is very interesting. I plan on checking this out since regulatory compliance has such a large impact on my day to day work. We just opened a new topic area in our online forum. Dr. Heather Mark, who did her PhD work in Public Administration and Public Policy, will be leading the Regulatory Compliance...

Read More