Andrea Hoy


A.Hoy & Associates

President / vCISO

Andrea received her initiation into the information security community when her hard work and dedication earned her the role of Assistant Venue Manager/Supervisor for the highly successful 1984 Los Angeles Summer Olympics. This position exposed her to the information security field and ignited a passion that has made Andrea, arguably, one of the leading women in her profession. She has not only served as an advisor to the Pentagon, but in 1991 Andrea received the Security Education Manager's Award, presented to her by a representative from the Pentagon, acknowledging her work in applying Continuous Process Improvements to the implementation of information security resulting in cost savings for both industry and Government. She has been involved in numerous committees in Washington, D.C. to establish national and international information security policies. She has written, spoken on, assisted with, and helped companies establish policies and procedures that comply with the European Union Privacy Directive, the Data Protection Act of 1998, and the Wet Bescherming Persoonsgegevens (WBP) Dutch Personal Data Protection Act of 2000, now GDPR. 

Andrea is CEO of A. Hoy & Associates, a thriving information security consulting firm that was established to provide essential information security expertise on immediate and specific information security. Their specialty is providing seasoned CISOs that can provide “virtual CISO” expertise for those companies that need assistance, are in the middle of turnover, or just need additional C-level staffing to address an urgent matter, project, incident or effort. Other services provided range from a quick policy review to wireless vulnerability risk assessments, computer forensics/investigations, senior management briefings, and assisting with developing a total information security strategic plan customized to the specific company culture quickly and efficiently with the utmost discretion. Ms. Hoy also provides infosecurity consulting, GRC, incident response, training, conducting risk assessment, and assisting companies to establish policies and procedures to comply with NIST CyberSecurity Framework, CIS 20 Critical Controls, GDPR, CCPA, and privacy laws here and abroad to name a few. She represented the US as diplomat to China on eDiscovery and forensics. As the President of Tysak, the security division of a leading international information technology education company, and the Co-Founder and CEO of the Innovation Shipyard Alliance, a not for profit committed to Andrea excels at education. She can often be found at speaking engagements throughout the nation to promote awareness of vulnerabilities and trends in the IT security field. She has been consulted on current information security issues in various newspapers and publications with speaking engagements and radio interviews on such topics as Hacktivism, Script Kiddies, Email Content Management, Email Relay, Smartphone Vulnerabilities, Vendor Management, Data Breach Preparedness and Remediation, and Privacy and Computer Forensics.

Andrea’s commitment to education has driven her to create a nationwide “Chief Information Security Officer (CISO) Bootcamp,” which addresses best practices of security management. At the apex of her 25 plus years in the information security field, she has the distinction of being the first Chief Information Security Director and Data Privacy Officer for Fluor Daniel, a $12 billion dollar Fortune 200 company. In addition to this, she has helped provide strategic direction in information security and business continuity to such companies as Metropolitan Water District, T-Mobile, Apple Leisure Group, Rockwell International, Boeing, McDonnell Douglas, Litton, and Pacific Life. 

Andrea is actively involved in the community serving on developing networking and funding for cyber professionals of the future, especially targeting CyberPatriots. She recently served as the Information Systems Security Association (ISSA) International President , an association of over 10,000 information security professionals, in 151 chapters in over She co-founded the CISO Executive Forum Task Force. established to bring together CISOs, to give them an opportunity to network, share ideas, and improve upon their skills in this executive role and founded and chairs the Financial SIG, Women in Security SIG, former Board of Advisors for AWT. Past entrepreneurial endeavors include Technical Advisory Board for RSA for 4 years, advised the Intl. Board of Directors for PointSec/ProtectData of Sweden, as well as Board of Advisors for a another start up Encentuate till acquired by IBM. She is the founder of A.Hoy & Associates, a virtual CISO provider for a diverse mix of industries.

Andrea received her Masters of Business Administration from Pepperdine University in Malibu, California. Prior to that, she graduated Magna Cum Laude and entered into the honor society of Beta Gamma Sigma (the Phi Beta Kappa of the School of Business). She has been selected as an ISSA Distinguished Fellow in the cybersecurity profession.


Contributions by Andrea Hoy

  • Are We Really Not Paying the Ransom?
    Speaker at IAPP Privacy. Security. Risk. 2023