June 2008 – Andrew Hay

News

Invited to Contribute to The Encyclopedia of Information Assurance

June 18, 2008
Andrew Hay
No Comments

My friend and colleague Rebecca Herold has graciously invited me to contribute a section on Detective Controls: Effectively Using Logs to her upcoming book, the Encyclopedia of Information Assurance (AUERBACH, ISBN 1420066757). I have humbly accepted and look forward to contributing to what sounds like a fantastic resource for the security community.

News

Andrew, What’s Up?

June 13, 2008
Andrew Hay
No Comments

Hey All,

I thought I’d drop a quick post to let you know what’s been keeping me occupied (and away from blogging) for the last few weeks:

Studying For My CISSP Exam

As many of you know, out of spite, I’ll be taking my CISSP exam on June 28th in Ottawa, Ontario, Canada. This is taking quite a bit of my time so I am very “head-down” trying to jam as much information into my head as possible. Wish me luck!

Writing Another Book

I’ve also signed on to write the Nokia Firewall, VPN, and IPSO Configuration Guide (Syngress, ISBN 9781597492867). Note to self, don’t agree to author a book when planning for a large exam.

Drafting Call-For-Papers for Various Conferences

I’ve been trying to get a bunch of CFPs drafted for various fall conferences. Takes a lot of time to produce quality papers that have a chance of being accepted.

SANS GIAC Gold Paper

My SANS GIAC GCIH Gold paper is due August 22nd, 2008 so I’ve been working on getting all the information I need together to draft a killer paper.

Busy, busy, busy 🙂

News

Quoted in Network World: 6 burning questions about network security

June 5, 2008
Andrew Hay
No Comments

Hello All,

To my surprise, a conversation that I had with Ellen Messmer, of Network World, evolved into an article entitled the 6 burning questions about network security. We talked for a good 30 minutes on virtualization, where it’s at, and where it’s going. From the article:

Some security vendors are convinced that the main VM software developers are in such a rush to get their products out to grab market share that as Andrew Hay, product program manager at Q1 Labs, puts it, “security is an afterthought.”
Hay notes there’s no Netflow-enabled virtual switch to help with activity monitoring. “You’re creating a separate network that happens to reside on a box,” Hay says. “But no one pushes for flow analysis in the virtualized world.”
Should all this stop IT managers from going virtual? The bottom line, according to Hay: “It would be best to research your options before going full tilt.”

You can check out the full article here.

Month: June 2008