About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

Make sure you catch my SANS "Ask the Expert" WebCast tomorrow! :) Here is the list: De-perimeterization is dead - Well said :) Let me go on record now. The perimeter is alive and well. It has to be. It will always be. Not only is the idea that the perimeter is going away wrong it is not even a desirable direction. The thesis is not even Utopian, it is dystopian. The Jericho Forum has attempted to formalize the arguments for de-perimeterization. It is strange to see a group formed to promulgate a theory. Not a standard, not a political action campaign, but...

Read More

I had the opportunity on Friday to take part in a Security Round Table panel with Michael Santarcangelo, Rebecca Herold, Dr. Anton Chuvakin, Martin McKeay, and Dan York, discussing "Do we have privacy anymore?". You can listen to the podcast here. Areas discussed: Definition of privacy How does privacy in the 21st century differ from privacy in the 20th century and before? How have the attitudes of government and the populace changed privacy in the last decade? Does the average end user understand privacy? Online databases What can we do today and can we recover the privacy we’ve lost (or never had)? ...

Read More