About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

Cheesy reference to The Hitchhiker's Guide to the Galaxy aside, I've finally decided that my new corporate laptop is going to be a MacBook. The decision was not easy to come by but I had a little help from my friend Brian and my colleagues in the Security Catalyst Community Forums (registration required). The main reason behind the switch is that my Compaq X1300 laptop of 2 years shuts off, not down, at random. I believe there may be an electrical problem with the motherboard as I sometimes hear electric crackling and the fan usually doesn't spin. Unfortunately,...

Read More

On Tuesday, April 24th, 2007 I will be presenting the SANS SECURITY 452 StaySharp: IP Packet Analysis track here in Fredericton, New Brunswick, Canada. Knowing how to decode network traffic with tools is a necessary skill for any serious network or information security administrator. Being able to decode the bits and bytes that represent our mission-critical networks gives you the skills to identify malicious activity, troubleshoot network failures, and analyze other desirable or undesirable network events. This Stay Sharp class will give you the basic skills to decode network traffic with open-source tools available for Unix and Windows systems. You'll be able...

Read More