About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

Here is a snippet of my latest Security Catalyst post entitled Do as I Say, Not as I Do: Security professionals have a duty to promote security in the enterprise. In fact, most professionals take on the role of a “security herald” for their organization or customer quite seriously. At the end of the day, however, many practitioners pack up their things, make their way home, and completely throw all of their beliefs out the window. The sad and unfortunate truth is that security professionals do not always practice what they preach...

Read More

Twitter, like a hammer, is a tool. Many wouldn't think to bring a hammer to a wedding, board meeting, or maybe even to a super secret trip. One House Intelligence Committee member however, who would probably have been better off bringing a hammer instead of his Twitter-enabled device with him, let slip a secret Iraq trip on Twitter last Tuesday. Rep. Peter Hoekstra, R-Mich., tweeted a secret congressional trip to Iraq, which Hoekstra was told to keep secret before leaving Washington D.C., on his Twitter feed. The first tweet, sent on Tuesday, announced: "Heading to Iraq and Afghanistan weds night.I'll update on...

Read More

Last week, Alan Shimel posted that he had a free Black Hat DC ticket to give away to a worthy reader of his blog. The winning commenter was Will Chatham with this entry: I've never been to a convention because they always hold them out west or way up north. This one, however, is not unreasonably far from me (I'm in NC), and being an aspiring security professional, I think it would help me in numerous ways, from networking with people to learning more about the field. You don't know me from Jack, but you would make someone's year if you...

Read More