Andrew Hay is a veteran cyber security industry startup Founder, COO, CTO, CISO, industry analyst, security strategist, and international public speaker with more than 20 years of experience related to endpoint, network, and security management technologies. He prides himself on his ability to execute the security and business vision of the company without neglecting the needs of its customers.
As the Chief Operating Officer (COO) and Chief Technology Officer (CTO) for LEO Cyber Security, he is a member of the senior executive leadership team responsible for the creation and driving of the strategic vision for the company. One of his primary responsibilities is the development and delivery of the company’s comprehensive cyber security, digital forensics, incident response, cloud architecture, and advanced research centers of excellence.
As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocated for the company’s total information security needs and was responsible for the development and delivery of the company’s comprehensive information security strategy.
Andrew was formally the Director of Security Research at OpenDNS where he led the research agenda and efforts for the company. Andrew was instrumental in raising the profile of the company and its research prior to its acquisition by Cisco Systems in 2015. Prior to joining OpenDNS, he was the Director of Applied Security Research and Chief Evangelist at CloudPassage, Inc. Before CloudPassage, Andrew served as a Senior Security Analyst for 451 Research’s Enterprise Security Practice (ESP) providing technology vendors, private equity firms, venture capitalists and end users with strategic advisory services – including competitive research, new product and go-to-market positioning, investment due diligence and tactical partnership, and M&A strategy. Through his work at 451 Research, Andrew was instrumental in securing tens of millions of dollars in equity investment for numerous security product vendors.
Before joining 451 Research, Andrew worked in the Information Security Office (ISO) of the University of Lethbridge, in Alberta, Canada and, prior to that, at a privately held bank in Hamilton, Bermuda. In each position, he was responsible for strategically designing, driving, and executing the goals and objectives of the organization’s information security programs.
Andrew also served in various roles at Q1 Labs (now IBM), including Engineering Manager, Product Manager, and finally as the Program Manager responsible for the entire portfolio of third-party technology partner relationships.
Andrew was honored with the title of Security Thought Leader in May 2008 by the SANS Institute; named an IT Knowledge Exchange blogger of the week in June 2009; listed as one of the 10 ‘Infosec Folk to Follow on the Twitters’ by Matthew Grant in November 2010; listed as one of the Most Powerful Voices in Security by SYS-CON Media’s Jim Kaskade in September 2011; named one of Tripwire Inc.’s Top 25 Influencers in Security in December 2011; named one of the Top Chief Security Officers (CSOs) to Follow on Twitter by CEOWORLD Magazine in April 2014; and named one of the 100 DevOps leaders, enthusiasts, and experts you should follow today by TechBeacon in September 2015.
Andrew was also presented with the Lethal Forensicator Coin by The SANS Institute at the SANS 2010 What Works in Forensics and Incident Response Summit – awarded to those who demonstrate exceptional talent, contributions, or helps to lead in the digital forensics profession and community. He is a sought-after speaker and has presented at numerous international security conferences.
Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine. Andrew also has written articles for several trade publications such as Information Week Magazine, DarkReading and Network Computing on various security-related topics.