Strategies and Insights for Prioritizing Security Efforts

Archive for the ‘Videos’ Category

Pre-mortems – #2 on SDxCentral’s Top 10 Stories

SDxCentral posted the top ten stories of 2023. I was surprised and pleased my pre-mortem on Zero Trust came in at number two on the list. I’m not tagging this as news, as I covered the story when it came out here: https://jwgoerlich.com/a-pre-mortem-on-zero-trust/

But! That did remind me. Since the original article came out, the video came out. If you want to see the RSA talk that landed the second spot on SDxCentral’s top ten, you can see it now. Right here. Right now. So much fun.

Joining Midori on the Consent Dojo

We “Value” Your Privacy: Digital Consent with J Wolfgang Goerlich + Midori

  • How has consent been co-opted with things like end user agreements and cookies, and what can we do about it?
  • What can we consent to when it comes to digital toys and tech, including sex toys and sex tech?
  • What are consent technologies, and are there new developments, innovative technologies, or new approaches?
  • How are people advocating for themselves, individually or collectively, to take back control over our tech?

Nudge and Sludge: Driving DevOps Security with Design

Security people say users are the weakest link. When security becomes burdensome, users take shortcuts jeopardizing security. Design offers a solution. We will walk through affordances, nudges, sludge and principles to inform and direct our design. Come learn how better usability leads to DevOps security.

This talk was given at DevOpsDay Tel Aviv 2021.

We got it wrong! – Great Lakes Security Conference

This session is on all the things we all say all the time, about all the things we all know. Security through obscurity is bad. Defense in depth is good. Stop clicking things. Next generation is bad, or maybe, next generation is good. The list goes on and on. The resulting rules of thumb are sometimes contradictory and often misleading. With war stories and anecdotes, we’ll explore what happens when teams run security by tribal knowledge instead of research and reason. Spoiler alert: they get pwned. Turns out, we were wrong.

Presented for Great Lakes Security Conference (GLSC) 2021.

Watch more videos on my YouTube channel.

Design Thinking for Blue Teams at Converge Detroit

Usability versus security is stupid. It forces us to choose one or the other. It excuses security breaches under the guise of usability. It automatically pits us against them, builders against breakers, developers against defenders. A better approach is to view security like usability: they happen where man meets machine. At that moment of meeting, what factors in human psychology and industrial design are at play? And suppose we could pause time. Suppose we could tease out those factors. Could we design a better experience, design a better outcome, design a better path to the future?

Recorded for Converge Detroit 2020.