Public sector cybersecurity in Michigan spans one of the most complex and varied accountability structures in any state. The leaders in this feature are responsible for securing statewide government infrastructure, a major American city, one of the largest counties in the country, a transportation department managing critical infrastructure, and the external engagement programs that help local governments and school districts strengthen their own security posture. The environments differ. The accountability to the public does not.
Rex Menold — Chief Security Officer, State of Michigan
Rex Menold has spent nearly twenty-eight years at the State of Michigan, progressing from IT technician through analyst, specialist, manager, director, and deputy CSO before serving two years as chief technology officer and stepping into the chief security officer role in December 2025. That arc, from entry-level state IT work to the state’s top security position over nearly three decades, reflects a depth of institutional knowledge about Michigan’s government technology environment that is simply not acquirable any other way. He has watched the state’s systems evolve across multiple administrations, technology generations, and threat landscapes, and now leads the security function responsible for protecting all of it.
Andrew Dold — Chief Information Security Officer, City of Detroit
Andrew Dold’s path to the CISO seat at the City of Detroit is one of the more distinctive in Michigan’s public sector security community. He spent eleven years as director of technology and head varsity basketball coach at Divine Child High School simultaneously, then moved into information security analysis at the City of Detroit’s Department of Public Safety and Cyber Security, followed by stints at General Motors, the Detroit Zoological Society, and BASF as an ICS cyber threat intelligence analyst. Before joining the City of Detroit as CISO in March 2025, he completed nearly a year of incident response work at CISA. He teaches digital forensics and incident response as an adjunct lecturer at University of Detroit Mercy and has run HoopCoach.org, a basketball newsletter with 25,000-plus members, since 2006. The combination of ICS threat intelligence, CISA incident response experience, and deep Detroit community roots gives him an unusual profile for a city CISO.
J. Wolfgang Goerlich — Chief Information Security Officer, Oakland County
Before joining Oakland County as CISO in July 2024, J. Wolfgang Goerlich spent five years as advisory CISO at Cisco, where he led identity and zero trust initiatives across Cisco’s cloud security product portfolio including Duo Security and Umbrella. That is not a credential that typically precedes a county government role. Before Cisco, he led virtual and fractional CISO services, IAM, GRC, and data protection at CBI and was recognized by Microsoft as MVP for Enterprise Security and Azure Cloud. He is an IANS faculty member and a recognized expert on AI security, zero trust, and security leadership, speaking regularly at industry conferences. Oakland County is one of the largest and most economically significant counties in Michigan. Goerlich brings a level of enterprise security sophistication to that role that reflects how seriously the county is investing in its security leadership.
Andy Esch — Information Security Officer, Michigan Department of Transportation
Andy Esch served as information security officer at the Michigan Department of Transportation for nearly fifteen years, from 2008 through January 2023, building and sustaining the security program for a state agency responsible for critical transportation infrastructure across Michigan’s entire road network. Before moving into the ISO role, he spent sixteen years as bureau automation manager at MDOT, giving him an unusually deep understanding of the department’s systems, workflows, and operational dependencies before he became responsible for protecting them. His tenure as ISO coincided with a period of significant evolution in transportation infrastructure cybersecurity, as connected systems, traffic management technology, and digital operations expanded the attack surface of what had historically been considered a physical infrastructure environment.
Michelle McClish — State Assistant Administrator and Michigan Cyber Security External Engagements Lead, State of Michigan
Michelle McClish occupies a role that is less visible than a CISO title but arguably more consequential for Michigan’s overall security posture: she leads the state’s external cybersecurity engagement efforts, directly supporting local governments and K-12 entities that lack the resources to build mature security programs on their own. She serves as program manager for the Michigan State and Local Cybersecurity Grant Program and supports the Michigan Cyber Partners Program, a collaboration between the state’s cybersecurity office and the Michigan State Police. Before joining the State of Michigan, she served as CIO and director of information technology for Jackson County, where she secured a $1.5 million investment to overhaul the county data center and reduced operational costs by 25 percent. That local government experience gives her credibility with the municipalities and school districts she now supports.
The People Behind Michigan’s Public Sector Security Posture
What this group reflects is how much public sector security depends on people who are willing to build things inside institutions that move slowly, resource security programs cautiously, and measure success in terms that rarely make headlines. Rex Menold spent nearly three decades climbing through state government to reach the top security role. Andy Esch spent fifteen years securing a transportation department before anyone called it critical infrastructure. Michelle McClish is helping local governments that cannot afford a CISO get access to the resources and expertise they need. That kind of sustained, unglamorous commitment to public institutions is what Michigan’s government security posture is actually built on.
- Securing the Machine: Michigan’s Automotive CISOs
- Protecting Michigan’s Patients: The State’s Healthcare CISOs
- Michigan’s Food and Beverage CISOs: Securing the Supply Chain from Field to Fork
- The CISOs Protecting Michigan’s Campuses, Classrooms, and Research
- Trust, Risk, and the CISOs Protecting Michigan’s Financial Institutions
- CISOs to Watch: Michigan’s IT Security Leaders Are Solving Problems Far Beyond State Lines
