Why I joined the DataGravity leadership team

I am very excited to join the DataGravity leadership team as its first Chief Information Security Officer (CISO) where I’ll be responsible for defining, executing, and managing the security for the company and its employees, products, and services. I’ll also be evangelizing our company and product out in the field and generally helping wherever needed.

When I first spoke with Paula Long, John Joseph, and the other executives about the role, they provided me with tremendous insight into the company including the current state, the future vision, and the culture. After speaking with some DataGravity investors, industry analyst friends and colleagues I knew this was the place for me. Everyone I asked about the company was in love with the product, its leadership, and its potential.

As stated in Paula’s blog post announcing my arrival many IT pros lack clarity about how to improve data security or how to extract the maximum value out of their data. Many companies do not have a full time CISO or even a dedicated security person. Often, the person who is responsible for data security also has numerous other responsibilities. As a result, these companies are in a race they can’t win.

Perhaps one of the biggest ongoing battles in any organization is where the responsibility for both IT and security begins and ends. This gray area has caused problems in every size of organization and industry vertical as the division of responsibility changes from organization to organization and team to team. One of the things I’m looking forward to talking about here at DataGravity is how security is a team sport. IT and security are sometimes one and the same, depending on the size of business, and there are a number of things we can do to limit or remove the friction of applying security to an organization.

We’ve all heard the old M&M analogy “security is like a piece of candy, hard shell on the outside, soft on the inside.” This approach of securing the perimeter is antiquated and has been proven to fail time and time again. Ask yourself the following question: “What am I trying to protect?”

The DataGravity technology was a huge motivator towards my decision in accepting the role. Though not a software engineer I pride myself on my ability to help grow a company through tactical and strategic integrations and partnerships. I see information security as an intricate machine where the precise movement of gears in unison is required for operation. At the heart of this machine is the data.

In DataGravity I finally see a way to answer the question “Where is my sensitive data located and is it secure?” Having worked in several highly regulated industries I understand the importance of data awareness first hand. From the accidental removal of personally identifiable information (PII), to the carefully planned theft of confidential financial records, to the storage and distribution of illicit images, the problem boils down to one thing – the data.

Data security at the point of storage not only makes sense from the perspective of an industry-regulated entity or even a cloud-averse organization, but it is essential for keeping the lifeblood of an organization – the data – safe and secure.

Though DataGravity is headquartered in Nashua, NH I will continue to live and work in the San Francisco Bay Area. I’m very excited to join the DataGravity team and look forward to helping organizations of all sizes finally get the visibility needed to protect their company, employee, and customer data. I look forward to sharing customer and industry insights through conference presentations, webinars, phone calls, interviews, and frequent blog posts.

To stay on top of the latest DataGravity news and events, follow us on LinkedIn.

2 Likes
Andrew Hay

Andrew Hay

With over 15 years of data security experience in various roles inside organizations as well as advising them, Andrew serves as the chief information security officer at DataGravity. He is responsible for the development and delivery of the company’s comprehensive data security strategy. Prior to DataGravity, Andrew was the director of research at OpenDNS (acquired by Cisco) and the director of applied security research and chief evangelist at CloudPassage.