J Wolfgang Goerlich's thoughts on Information Security
Friday Books and Talks 11/22/2013

By wolfgang. 22 November 2013 18:27

Here are some of the books that I enjoyed this week.

Working Relationships
by Bob Wall

"From C-level executives to front-line supervisors, the research is clear: emotional competencies are more important than training, IQ, and technical experience in determining who succeeds and fails at work. Into this exciting business arena, the revised and expanded edition of Working Relationships takes its rightful place as a classic toolkit for mastering the personal characteristics and social abilities of emotional intelligence (EQ), with new contributions that include two chapters focused exclusively on the power of EQ to influence success regardless of job type, level of education, or scope of responsibility."

Leading So People Will Follow
by Erika Andersen

"Leading So People Will Follow explores the six leadership characteristics that inspire followers to fully support their leaders. Using Erika Andersen’s proven framework, new leaders and veterans alike have increased their capacity for leading in a way that creates loyalty, commitment and results. Step by step, Andersen lays out six key attributes (far-sightedness, passion, courage, wisdom, generosity, and trustworthiness) and gives leaders the tools for developing them. This innovative book offers a practical guide for building the skills to become a truly 'followable' leader."

Tags:

General

Friday Books and Talks 11/15/2013

By wolfgang. 15 November 2013 05:02

Here are some of the books and talks that I enjoyed this week, in no particular order.

The Art of Explanation: Making your Ideas, Products, and Services Easier to Understand
by Lee LeFever

"You've done the hard work. Your product or service works beautifully - but something is missing. People just don't see the big idea - and it's keeping you from being successful. Your idea has an explanation problem."

"The Art of Explanation is for business people, educators and influencers who want to improve their explanation skills and start solving explanation problems."

"Author Lee LeFever is the founder of Common Craft, a company known around the world for making complex ideas easy to understand through short animated videos. He is your guide to helping audiences fall in love with your ideas, products or services through better explanations in any medium."


By Arthur Benjamin

"Math is logical, functional and just ... awesome. Mathemagician Arthur Benjamin explores hidden properties of that weird and wonderful set of numbers, the Fibonacci series. (And reminds you that mathematics can be inspiring, too!). Using daring displays of algorithmic trickery, lightning calculator and number wizard Arthur Benjamin mesmerizes audiences with mathematical mystery and beauty."

By Abha Dawesar

"One year ago, Abha Dawesar was living in blacked-out Manhattan post-Sandy, scrounging for power to connect. As a novelist, she was struck by this metaphor: Have our lives now become fixated on the drive to digitally connect, while we miss out on what's real?"

Tags:

General

Why You Should Work in Information Security

By wolfgang. 13 November 2013 08:19

Rasmussen College reached out for advice on why information security is a great field to be in. My response is below. Click through to read more thoughts.

Expert Advice on Why You Should Work in Information Security ... NOW
http://www.rasmussen.edu/degrees/technology/blog/expert-advice-why-work-in-information-security/

1. Working in information security is exciting, challenging and never-ending

"Information security is new unexplored territory ... and this creates exciting and challenging work," says J. Wolfgang Goerlich, vice president of consulting at VioPoint.

Information security professionals work on teams to develop tactics that will help find and solve unauthorized access as well as potential data breaches. A crucial part of the job in information security is keeping companies from having to deal with unwanted exposure.

The best information security teams, Goerlich says, are those that provide "consistent mentoring and cross-training." He says professionals in this field must be constantly learning and sharing what they know.

"As the technology is shifting and the attacks are morphing, the career effectively is one of life-long learning," Goerlich says.

Tags:

Security

Friday Books and Talks 11/08/2013

By wolfgang. 8 November 2013 19:54

Here are some of the books and talks that I enjoyed this week, in no particular order.

Getting More: How to Negotiate to Achieve Your Goals in the Real World
by Stuart Diamond

"Based on more than 20 years of research and practice among 30,000 people in 45 countries, Getting More concludes that finding and valuing the other party’s emotions and perceptions creates far more value than the conventional wisdom of power and logic. It is intended to provide better agreements for everyone no matter what they negotiate – from jobs to kids to billion dollar deals to shopping."

"The book, a New York Times bestseller and #1 Wall Street Journal business best seller, is based on Professor Stuart Diamond’s award-winning course at the Wharton Business School, where the course has been the most popular over 13 years. It challenges the conventional wisdom on every page, from “win-win” to BATNA to rationality to the use of power. Companies have made billions of dollars so far using his new model and parents have gotten their 4-year-olds to willingly brush their teeth and go to bed."

TED: Architecture at home in its community
By Xavier Vilalta

"When TED Fellow Xavier Vilalta was commissioned to create a multistory shopping mall in Addis Ababa, he panicked. Other centers represented everything he hated about contemporary architecture: wasteful, glass towers requiring tons of energy whose design had absolutely nothing to do with Africa. In this charming talk, Vilalta shows how he champions an alternative approach: to harness nature, reference design tradition and create beautiful, modern, iconic buildings fit for a community."

Tags:

General

Video of my GrrCon Threat Modeling Talk

By wolfgang. 7 November 2013 18:38

GrrCon posted video of my 2013 talk. My talk is kicking off a collaboration with #misec to create a threat modeling methodology. We held our first working session on 10/26. The next steps include talks at BSides Jackson (Mark Kikta), at next week's #misec meeting (Steven Fox and me), and next month's ISSA meeting (Mark and me). A formal threat modeling workshop will be held in Q1 2014. Stay tuned for more.

 

GrrCON 2013- Beautiful Models - J Wolfgang Goerlich
http://www.youtube.com/watch?v=82_lYv5CDy8

We need beautiful models. Models attract and hold your attention. They excite you. They prompt action. And action, excitement, and focus are exactly what is needed to defend IT. By models, of course, we mean threat models. Intricate and beautiful, a good threat model tells a story. It indicates what we are protecting and where the attacks may come from. Done right, modelling highlights both the strengths and weaknesses of our IT. It becomes a means for strengthening and focusing our efforts. We need beautiful models to see what is and what could be.

This session will explore threat modeling as part of the secure development lifecycle. A case study will be presented. The stories are real and only the names have been changed to protect the innocent. Beautiful Models answers the question: what is it that makes a threat model beautiful and actionable?

Tags:

Threat modeling

Friday Books and Talks 11/01/2013

By wolfgang. 1 November 2013 17:06

Here are some of the books and talks that I enjoyed this week, in no particular order.

Finding the Next Steve Jobs: How to Find, Hire, Keep and Nurture Creative Talent
by Nolan Bushnell, Gene Stone

In Silicon Valley legend Nolan Bushnell's first book, he explains how to find and hire employees who have the potential to be the next Steve Jobs. Here Bushnell explains how to find, hire, and nurture the people who could turn your company into the next Atari or the next Apple. Bushnell's advice is constantly counter-intuitive, surprising, and atypical. When looking for employees, ignore credentials. Hire the obnoxious (in limited numbers). Demand a list of favorite books. Ask unanswerable questions. Comb through tweets.

Just because you've hired creatives doesn't mean you'll keep them. Once you have them, isolate them. Celebrate their failures. Encourage ADHD. Ply them with toys. Encourage them to make decisions by throwing dice. Invent haphazard holidays. Let them sleep.

The business world is changing faster than ever, and every day your company faces new complications and difficulties. The only way to resolve these issues is to have a staff of wildly creative people who live as much in the future as the present, who thrive on being different, and whose ideas will guarantee that your company will prosper when other companies fail.

Tribal Leadership: Leveraging Natural Groups to Build a Thriving Organization
by Dave Logan, John King

Within each corporation are anywhere from a few to hundreds of separate tribes. In Tribal Leadership, Dave Logan, John King, and Halee Fischer-Wright demonstrate how these tribes develop—and show you how to assess them and lead them to maximize productivity and growth. A business management book like no other, Tribal Leadership is an essential tool to help managers and business leaders take better control of their organizations by utilizing the unique characteristics of the tribes that exist within.


In today's constantly shifting marketplace, "innovation" has become the catchword of companies large and small. In The Innovation Premium, Ron Jonash and Tom Sommerlatte draw on years of research and experience to demonstrate-for the first time-that those companies that consistently achieve innovation leadership enjoy measurable advantages, including an average 15 percent increase in shareholder returns. Bridging the gap between the technological and organizational aspects of innovation, the authors show managers at all levels how to move beyond continuous improvement of products and processes to create the "Next Generation Enterprise," an organization that thrives on innovation and knows how to harness it to create and capture value, spark and speed growth, and achieve the highest standards of performance.


By Onora O'Neill

Trust is on the decline, and we need to rebuild it. That’s a commonly heard suggestion for making a better world … but, says philosopher Onora O’Neill, we don’t really understand what we're suggesting. She flips the question, showing us that our three most common ideas about trust are actually misdirected.

By Itay Talgam

An orchestra conductor faces the ultimate leadership challenge: creating perfect harmony without saying a word. In this charming talk, Itay Talgam demonstrates the unique styles of six great 20th-century conductors, illustrating crucial lessons for all leaders.

Tags:

General
