ArchiveOODA Original

OODA Network Interview: Joel Wallenstrom

This post is based on an interview Joel Wallenstrom, CEO and President at Wickr.  It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression. We also really like highlighting some of the great people that make our continued research and reporting possible.  For the full series see: OODA Expert Network Bio Series.

Career Progression:   Joel grew up in Seattle surrounded by smart computer geeks.  He understood the importance of new technologies, admiring how they would transform the way we move people and products around the world.  He took a few programming classes. He recalls sitting in computer lab and realizing he could never compete with this type of engineer.  “I was a climber and a surfer.  I admired the way my classmates could make computers do so many cool things, but I knew I’d never be able to contribute much in that way.”  Joel says.

While he was in Graduate School, then President Clinton passed the Telecommunications Act of 1996, the first real overhaul of telecommunications law since the Internet.  This law opened up competition in communications by allowing any business to compete in any market.  Joel immediately recognized that this would create a “Wild West” environment where a ton of investments would be made.  He wanted to be part of it.

While in college, Joel did some work for a marketing company that used algorithms to better target their offerings to the customer.  This was in the very early days of data sharing for marketing purposes.  He could see it would become a big money maker, but he didn’t like the implications.  He turned his focus to the security and privacy world.

After college, Joel took a job at @Stake, one of the first professional security companies.    Composed mostly of hackers, he enjoyed working with this group of early “Grey Hat” folks who employed their skills to make companies more secure.  “There was a huge increase in professional service companies in the early 2000’s.” Joel says.   “They needed us to fix things for them and we wanted to grow as fast as they did.  We scaled up the legal, HR, finance department as quickly as we could.  But we couldn’t find skilled hackers to hire.  In retrospect, we should have spent less on infrastructure and more on employee training.”

After @Stake was acquired by Symantec in 2004, Joel and a few of his colleagues founded iSEC Partners.  “At the time, everyone was focused on Network Security.  We knew application security was just as important.  We pulled together a team of the world’s best mobile security experts.”  Many of them relied on scare tactics to force a company into making changes.  iSEC developed a reputation of working with companies with empathy and understanding, helping them to solve their security problems instead of exposing them as failures.

As he contemplated the next steps to grow iSec Partners, Joel knew he would need to add in a sales team and additional corporate infrastructure.  But he really wanted to “build something” and pursue a new intellectual challenge.  He sold the company and took some time off with his family.  He left San Francisco to spend a year in South America, exposing his three children to different cultures and languages and enjoying family time.

Joel joined Wickr in 2017 to help them move their products from consumer use to enterprise wide usage.   Wickr employs a forward and backward encryption process, coupled with seven-day content expiration.  “Privacy is more than just being able to do something without attribution.  It’s a Fourth Amendment right!  As we move pretty much everything over to the digital space, it becomes more and more important.  I want to be part of this solution.”

Surprises:    Joel is surprised at the disdain Silicon Valley has for security and privacy.  “We are the red-headed stepchild of innovation” Joel says.  Joel notes that the Government, with their long-ingrained preference for defined rules, roles and responsibilities, has an advantage over Industry in some ways.  “Government has always been engaged in data identification and identity management in a way most companies don’t think about.  If you are trying to secure your data, you first have to know what data you want to secure, and who can have access to it.  Industry struggles with that.”  Joel notes that “Google is creating the technologies first, and then defining the rules.  That’s backwards.”

Technologies you are watching:  Of course, Joel is interested in all the technologies that are being deployed to collaborate during the Pandemic.  He watches as the technology concerns are overlaid by geopolitical debates in ways previously unimaginable.  “Messaging Layer Security (MLS) is also incredibly interesting.  It might change the way we do message encryption.” Joel notes.  Joel is also watching the unprecedented collaboration efforts between Google and Apple to do contact tracing in response to COVID 19.

Technology threats you are interested in: “We need to create a data transport where the service provider can’t get access to your information for monetization. It’s a very complex problem when you consider firewall rulesets being automatically updated by machines.” Joel says.  He is often consulted on pressing election questions as the country wrestles with keeping communications in appropriate channels.

Views on Thought Leaders:  Joel worked with Dan Geer at @Stake and has found his mentorship invaluable.  He also follows some of the practical guidance on privacy and security from Phil Venables at Goldman Sachs Bank.  He considers the thoughtful and rigorous pro-privacy advice from Matt Green at Johns Hopkins University to be valuable.

Quick Hits:

Book Recommendation: 

Chris Ward

Chris Ward

Chris Ward (Commander, U.S. Navy (Retired)) has over 30 years of experience helping the Department of Defense (DoD) solve difficult technology requirements. She has a proven track record of building, maintaining, securing and certifying technology solutions for use within DoD. She works with Industry to identify key opportunities and provides strategic guidance and support. She is a strategic analyst and cybersecurity professional who has deep expertise in improving enterprise cybersecurity.