Security happens where man meets machine. Or, fails to happen, as we see all too often. Blame the users. They’ll click anything. Blame the developers. Half their code is riddled with vulnerabilities anyways. Blame the IT staff. You’d think they’d at least know better. But perhaps, we’ve been placing the blame on the wrong places. What exactly happens where people and technology meet? At that moment, that very moment, what factors in human psychology and industrial design are at play? And suppose we could pause time for a moment. Suppose we could tease out those factors. Could we design a better experience, design a better outcome, design a better path to the future? This session explores these questions and identifies lessons the cyber security field can learn from industrial design.
- Understand where design strategy fits in a security program and which problems design addresses.
- Learn to leverage psychology and technology to have people make secure decisions and secure actions.
- Discover the design framework (tactics and metrics) to build and manage a security culture.
About Wolfgang Goerlich
J. Wolfgang Goerlich is an Advisory CISO for Duo Security. Prior to this role, he led IT and IT security in the healthcare and financial services verticals. Wolfgang has held VP positions at several consulting firms, leading advisory and assessment practices. He is an active part of the security community, co-founding and organizing security conferences. He hosts a popular YouTube video series. Wolfgang regularly advises on and presents on the topics of security architecture and design, identity and access management, data governance, secure development life cycles, zero-trust security, and more.