About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

After working with my contact at SANS for the last few weeks it's finally official! From Thursday, April 5, 2007 to Thursday, June 7, 2007 I will be leading the Security 504: Hacker Techniques, Exploits and Incident Handling track here in Fredericton, New Brunswick, Canada. I see this as a really big deal for the following reasons: The population of Fredericton is only around 48000 which is is the size of most big city suburbs. Trying to get this type of training is not easy in Fredericton, let alone the rest of Atlantic Canada. Most organizations in New Brunswick are unable to send...

Read More

As I picked up my latest copy of Information Security Magazine I found myself wondering what Tom Hanks was doing on the cover. On second glance I noticed that this wasn't Tom Hanks but rather Eric Bangerter from the University of Wisconsin Credit Union. This mistake made me think of two things: How could my eyes possibly be that bad? Why doesn't the security industry have champions on Hollywood? The first item really isn't the basis for a good article so I'll stick with the second item. Animals have Paul McCartney, Buddhism has Richard Gere, Scientology has Tom Cruise (or maybe it's the other way...

Read More

I received a hilarious email posted to the security-basics mailing list this morning that I had to share: I was in a bar in San Francisco where my English accent has a habit of stimulating conversation with total strangers, in this case it was with a webmaster (sadly not webmistress) of a dubious website hosted in Amsterdam (I don't think I need to expand on the nature of the site;) I mentioned that I was passionate about Information Security, whereupon, he proceeded to tell me his root password, as he was so proud about how hard it would be to...

Read More