About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

I'll be presenting a SANS Tool Talk Webcast entitled "Log Management: No Longer Optional" on Tuesday, June 2nd at 1pm EST. About the session: Both network and security professionals agree - a log management solution is no longer optional. It's now a required tool in their arsenal. Unfortunately, many of their log management projects have failed because the solution they chose was unable to support the size and scope of the deployment and/or effectively deliver useful results. During this webcast Andrew Hay will discuss important considerations when selecting and deploying a log management solution for your organization and how to avoid some of the...

Read More

This is a term that I've been throwing around for a while now so I thought I'd take the time to define it for everyone. Virtualized Network Security Management (vNSM) The extension of existing Network Security Management (NSM) policies and procedures to include "virtualized" deployments. This includes, but is not limited to, the collection, correlation, and normalization of: logs (e.g authentication, authorization, status, etc.) generated by "virtualized" hosts (e.g. servers, workstations, etc.) logs generated by non-security related applications (e.g. mail server, web server, etc.) installed on "virtualized" hosts logs generated by security related applications (e.g. firewall messages, anti-virus alerts, rootkit installation prevented, etc.) installed on...

Read More