It’s with great sadness that we learned Andrew Cormack had passed away in April. Andrew was more than just an expert. His curious and open mind inspired many in our community.
I met Andrew first more than 20 years ago in Hamburg as a TRANSITS student. Ever since Andrew has helped me see things from different, often quite unexpected views. Since then Andrew has become a friend and fellow searcher. The image below embodies to me many of Andrew's facets. It was taken on a hike along the sea side of Wales. Looking at the wider picture while reflecting on what he sees, hears and feels.
I can think back to many such walks with Andrew where talking about many topics, but quite often about one of his favorites: Law and its influence on security. In his Mastodon profile Andrew described himself as “Interested in using law as a guide to building responsible digital networks and systems.” This wasn’t an academic interest only, although Andrew did publish a lot in academic journals. During the Seoul conference, for example, Andrew learned of the concerns about possible negative effects of Data Protection on our work, after all Information sharing is one of our key activities. After listening to us he went about doing a legal analysis, and talking to the members of the EU eventually leading to Recital 49 allowing CSIRTs to process personal data to ensure information security. I would never have thought this possible.
What I find remarkable is not only that he managed to do this, but how he did it: By talking and listening to the technical community as well as the regulators, challenging views without ever being judgemental. Andrew had the gift of making everybody feel heard: He would talk to members of the parliament the same way as he talked to a junior engineer, listening to their concerns and questions and taking them seriously. Reading through the emails that were sent by other colleagues to the malinglist, that is what I hear: Andrew was never too busy to support, was always keen on an interesting conversation over a drink and meal, and responded to nonsens with a kind sense of humor. But as the Seoul example shows: Andrew put his knowledge being a fierce advocate for incident response.
This newsletter is too short to list even a fraction of what Andrew has given to the security community or all the people that knew him. Andrew was introduced to the FIRST incident Hall of fame for all he has done, and learned about this shortly before he died. This meant a lot to him.
I will miss the walks and conversation with you.
Serge Droz
Published on FIRST POST: May-Jun 2023