|
Andrew advises enterprise clients on prioritizing and managing security resources within their organizations. He also helps security vendors develop products, services, and go-to-market strategies to assist enterprise customers. Andrew’s research focuses on client endpoint security, packaged and custom web-based applications, and security metrics and measurement. Andrew has 15 years of experience in IT. In his tenure, he co-founded and served as Program Director at security consulting pioneer @stake, Inc. (acquired in 2004 by Symantec Corporation). At @stake, he managed strategic client relationships and directed the Hoover Project, an initiative within the firm to improve clients’ abilities to quantify the risks and returns of security investment. Andrew has also held project manager and business analyst positions with Cambridge Technology Partners and FedEx Corporation. His application security and metrics research has been featured in CIO, CSO, InformationWeek, the IEEE Journal of Security and Privacy and The Economist. Andrew contributes to several security-related open source projects and is the author of the book from Addison-Wesley Publishing, Security Metrics. Andrew has a BA in economics and political science from Yale University. | 