wolfgang-goerlich

Wolfgang Goerlich

IANS Faculty

Expertise

  • Zero Trust
  • Identity & Access Management
  • Multi-factor Authentication
  • Single Sign On
  • Privileged Access Management

Profile

J. Wolfgang Goerlich is a CISO in the public sector. Prior to this role, he led IT and IT security in the healthcare, financial services, and tech verticals. Wolfgang has held senior positions at several consulting firms, leading security advisory and assessment practices. He is a strong presence in the security community, contributing to the establishment and organization of multiple groups and events. Wolfgang focuses on strategy, governance, identity and access management, and resilience.

Expertise

  • Zero Trust
  • Identity & Access Management
  • Multi-factor Authentication
  • Single Sign On
  • Privileged Access Management

Qualifications

Achievements & Contributions
  • InfoWorld Leadership for DevOps and Cloud
  • IDG Best Practices in Infrastructure Management
  • Microsoft Most Valuable Professional (MVP) for Enterprise Security
  • Contributed to NIST standards for digital identity (SP 800-63) and zero trust (SP 800-207)
  • Former organizer of annual BSides and Converge conferences in Detroit
Certifications & Credentials
  • CISSP - (ISC)2
  • Certified Information Systems Auditor (CISA) - ISACA
Telerik.Sitefinity.Libraries.Model.Image?.AlternativeText

October 23 2025

2025 October Webinar: Rethinking Cybersecurity Training in the Age of AI

Research highlighted in The Wall Street Journal last month showed employees fell victim to phishing at similar rates, regardless of training. Meanwhile, AI is accelerating both the volume and sophistication of phishing attempts and deepfakes. While leaders assess their Cybersecurity Awareness Month initiatives, this session will challenge your thinking around the use of traditional simulations and explore more impactful strategies. IANS Faculty and practicing CISOs Wolfgang Goerlich and George Gerchow will cut through the noise, debating what works, what doesn’t, and how to build more effective security awareness programs.

Telerik.Sitefinity.Libraries.Model.Image?.AlternativeText

November 04 2025

2025 Q4 Symposium: Security Architect Symposium: What a Strategic Security Architecture Program Looks Like and How to Get There

Security architecture teams often face burnout from juggling too much engineering work or being pulled into non-architectural tasks. Misalignment with enterprise architects and challenges in demonstrating value to the organization further compound the problem. During this highly interactive event, IANS Faculty Wolfgang Goerlich will share his experience and expertise and facilitate peer-to-peer discussions that provide you actionable insights to elevate your architecture program to improve maturity, demonstrate value, and drive high-quality results

Telerik.Sitefinity.Libraries.Model.Image?.AlternativeText

November 05 2025

2025 Q4 Symposium: Securing NHIs: Service Accounts, RPA and Agentic AI Considerations

Most organizations now grapple with explosive growth in privileged non-human identities (NHIs)—from OS-scoped service accounts and SaaS tokens to RPA bots and agentic AI. Recent incidents show attackers bypassing humans entirely by abusing OAuth and app-to-app integrations to siphon data and cloud keys, underscoring how NHI compromise fuels supply-chain style breaches. This session reframes NHI security around practical lifecycle management and hard-won field lessons. We’ll cut through hype on AI agents to the real work: securing emerging protocols like MCP, tightening SaaS-to-SaaS grants, and balancing priorities between the emerging and legacy pain that still drives risk. Attendees leave with actionable architectures, governance patterns and controls that reduce NHI blast radius in imperfect, real-world conditions.

Portal Publications