Blog - Page 3 of 115 - J Wolfgang Goerlich

IT security then and now, on IT and the D podcast

February 9, 2023

Ten years ago, I was the first guest on IT in the D podcast. (I won’t go back and listen. It’s like looking at photos of yourself in high school.) I was there to promote the BSides Detroit conference. Now that I’m doing another conference this year, they invited me back to talk about what’s changed in ten years. Take a listen.

IT Security Then and Now, Securing Relationships with Wolfgang Goerlich, Cybersecurity Strategist. This week we met with Wolfgang Goerlich. Not only is he a well respected CISO, he was our guest on Episode 1 (and episode 112). We had fun catching up, talking about security then vs. now, changes in philosophy, and mocked marketing jargon for commonly used tech. We ended by talking about Securing Sexuality, his conference and podcast, prompted by his wife, who is a relationship and sexuality therapist.

To see listen to other podcast interviews, click to view the Podcasts page or the Podcasts category.

Cybersecurity resolutions for consumers

January 17, 2023

I participated in a Satellite Media Tour to share cybersecurity resolutions for consumers to keep in mind heading into 2023. Resolve to secure your accounts, resolve to protect your toys and tech, and resolve to protect your privacy. These interviews saw more than 300+ airings, including Washington, D.C.’s WJLA, Jackson, Tennessee’s WBBJ-TV, Tampa Bay, Florida’s WFTS, Jacksonville, Florida’s WTLV-TV, Austin, Texas’ KEYE. Here’s the one from South Florida’s WSFL-TV, to give a flavor of the conversation.

This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category. Do you want to interview Wolf for a similar article? Contact Wolf through his media request form.

Tech trends for 2023

December 21, 2022

Identity and access management solutions continue a hot streak for their capacity to improve operations.

Excerpt from: Tech Trends: Governments Express High Interest in IAM

At the Virginia Department of Transportation, a ransomware hack targeting the state’s traffic management system made it clear that it was time to beef up VPN security. For the state of Illinois, the issue was siloed technology operations within agencies that made it difficult for employees and residents to access tools and services.

The challenge for the city and county of Denver was what the government’s chief data officer described as multifactor authentication “sprawl.”

While each organization had to deal with its own problems, their IT teams all came to the same conclusion: They had to do better with identity and access management.

“I’ve never seen so much interest in this topic,” says Wolfgang Goerlich, Cisco’s advisory CISO for Duo, an identity and access management platform that both Denver and VDOT now rely on for protection from cyberthreats. “The big picture is that zero trust has become a mandate at multiple levels, and agencies are turning to identity and access management as one of the quickest paths to success.”

Read the full article: https://statetechmagazine.com/article/2022/12/tech-trends-governments-express-high-interest-iam

The Application Security Podcast — Security beyond vulnerabilities

December 1, 2022

“Wolf joins us to talk about some security things that will stretch your mind, like security beyond vulnerabilities, how apps intended functionality can be misused, data privacy, and nudges and behavior science. Wolf challenged my thinking in this episode and pointed out a new area of threat modeling I had never considered. We hope you enjoy this conversation with… J. Wolfgang Goerlich.”

Have a listen here: https://www.youtube.com/watch?v=oZe0Sp9JU3s

To see listen to other podcast interviews, click to view the Podcasts page or the Podcasts category.

Securing Sexuality Podcast Episode 15: Balls, Shaft, and Flippers

November 20, 2022

From it’s origins as outlaw entertainment to its modern iteration as a somewhat old fashioned family-friendly activity, join Stef and Wolf at the Seattle Pinball Museum as they discuss what lessons we can learn about life, love, and lust from a decades old game.

To see listen to other podcast interviews, click to view the Podcasts page or the Podcasts category.

The Imposter Syndrome Network Podcast

November 15, 2022

I’m on the Imposter Syndrome Network with Zoe Rose and Chris Grundemann this week. I’m emphasizing trust and relationships in the imposter syndrome conversation. “If they trust you, you can have a degree of freedom to interact, explore, to get it right. But if they don’t, it doesn’t matter how good you are. They are going to doubt you.”

I also cover my imposter syndrome coaching framework: good imposter syndrome, bad imposter syndrome, and systemic imposter syndrome. The good is where you’re feeling the pressure to up your game, where you’re in a room with many brilliant people. The bad is where you let imposter syndrome prevent you from taking opportunities and when it gets in the way of you going into that room. Finally, there is the systemic challenges where the reason you feel like an imposter is because the culture, the people in the room, are actively making you feel like you don’t belong.

“It’s intrinsic, as leaders, to help people move towards good imposter syndrome and recognize and address systemic. If everyone on your team is being a jerk to a few coworkers, doesn’t matter how much you can tell them ‘be confident, you’re okay, you belong here.’ They’re not going to feel it, and it’s really on you as the manager to address that.”

This is my advice to leaders helping people through imposter syndrome. Understand which of the three — good, bad, systemic — and act accordingly. There is always a reason someone is feeling the way they do, and if it’s systemic, it’s on us to address it.

Have a listen here: https://www.buzzsprout.com/2016832/11567691

To see listen to other podcast interviews, click to view the Podcasts page or the Podcasts category.

Cisco Rolls Out Duo Passwordless Authentication, Sees WebAuthn Usage Surge

November 2, 2022

Excerpt from: Cisco Rolls Out Duo Passwordless Authentication, Sees WebAuthn Usage Surge

Cisco plans to roll out its Duo Passwordless Authentication globally next Wednesday. This push is in line with the findings from Duo Security’s recent report which showed that passwordless adoption continues to climb.

“We’re starting to reach a tipping point where the hardware is ubiquitous, the standards are in place, and enough services support the standards, and that’s really driving that increase that we see in web authentications. So now … organizations can adopt them with confidence,” Goerlich said.

Read the full article: https://www.sdxcentral.com/articles/news/cisco-rolls-out-duo-passwordless-authentication-sees-webauthn-usage-surge/2022/11/

IDentity Now Podcast

August 31, 2022

I was a guest recently on the IDentity Now podcast, channeling Burning Chrome: When tech hits the streets.

“J Wolfgang Goerlich, Advisory CISO for Cisco joins us to discuss real-world security and how it translates into the field. Wolf uncovers the challenges he’s faced throughout his career, implementing security by design, looking at both the usability and defensibility use cases and how the cyber-physical threat environment has evolved. Finally, his advice to CISOs’s to improve their overall security posture.”

“When technology hits the streets, it doesn’t always get used the way that security people predict it will be.”

Have a listen here: https://omny.fm/shows/identitytoday/when-tech-hits-the-streets

To see listen to other podcast interviews, click to view the Podcasts page or the Podcasts category.

Things Wolfgang Goerlich Says – Design Monday

May 16, 2022

Alright, alright. This feels a bit strange. But I’m collecting my folksy sayings on cybersecurity leadership and design in one place. I’ll update this over time.

Good Security

Good security is usable security.
Good security gets out of the way of users while getting in the way of adversaries.
- Good security frustrates attackers not users.
Good security first delivers a business outcome and then, as a result, increases security.
Good security supports changing maturity.
Good security projects leave people hungry to play again

Cloud Security

Ownership is not a security control.
Security is not what we control, it is what they do.

Defense and Offense

When work looks like work, work gets done.
Risk isn’t the language of the business. Story is.
Security happens where mankind meets machine.
The more constraints placed on users, the more creative they become.
All a better mousetrap does is breed better mice.

Media Mentions

Four ways CISOs can move enterprise security into the new normal (September 2020)
A pre-mortem on Zero Trust (May 2023)
Investments in cybersecurity initiatives (August 2023)

Always remember friends: The Cyber War will not be won with platitudes.

— Wolf

Securing Bridges with Alyssa Miller

March 31, 2022

Alyssa Miller invited me to join her on the Securing Bridges podcast. We talked about board conversations, building roadmaps, the power of storytelling, and the use of metrics. Somehow, security geese and free phish, wizards and alchemy, cottage core and goblin mode also came up. Somehow. But hey? What else would you expect when I’m on a coffee-fueled rant?

To see listen to other podcast interviews, click to view the Podcasts page or the Podcasts category.