Do We Need a Pentest?

  • Posted by barak engel
  • On August 2, 2023
  • 0 Comments
Having firmly established my reputation as the HexCISO – the security antichrist, who constantly tried to turn the security dial down, in clear violation of all the rules of cyber career and product promotions – as you know, I occasionally like to write these little pieces about down-to-earth topics in security. Very basic, non-exciting, shockingly […]

My Turn to Talk about Joe

  • Posted by barak engel
  • On October 18, 2022
  • 1 Comments
Let’s talk a little bit about the Uber/Joe Sullivan case. Yes, I know, it’s already yesterday’s news, and I’m so very late to the party. Still. As you know, I made my career in being a recurring non-officer CISO – a “virtual CISO” many, many times over, always for several companies at once. This, perhaps, […]

An Early Failure

  • Posted by barak engel
  • On September 17, 2022
  • 0 Comments
(This is an excerpt from my book, “The Security Hippie”) Since this is a book of stories, a personal story would be as good a place as any to start. And an excellent one to start with is the very same story I had shared with Dan. It is the story of how I failed […]

Breach Mongering

  • Posted by barak engel
  • On April 18, 2022
  • 0 Comments
Are you a senior, non-technology executive or board member? Especially so for a public company? Have you had to deal with your CISO lately? Isn’t it just the most fun you could ever imagine having? Fifty Shades aside, let’s talk for a moment about why those conversations usually end up with only one person (not […]

An Emerging Supply Chain Problem that will RAPI-dly give you a Headache

  • Posted by barak engel
  • On February 4, 2022
  • 3 Comments
Everybody remembers at least one action movie (or MacGyver episode) where the protagonist uses a mirror to reflect a laser in order to bypass a protective grid. They often do it by redirecting the beam to fry some sensor around a corner, taking down the system in the process and gaining unauthorized access to something […]

Security and Compliance Weekly

  • Posted by barak engel
  • On December 22, 2021
  • 0 Comments
So this was cool. I got invited by Jeff Man to join him, Kat Valentine, and Fredrick Lee on this great podcast. They asked some tough questions, I believe I managed to confuse everyone, a few eggs were broken, and Jeff is the best grandpa, ever. Check it out: Part 1 Part 2

Hacking the Election – The Human Side

  • Posted by barak engel
  • On December 17, 2021
  • 0 Comments
The 2020 election might be the greatest metaphor yet of the fundamental changes that are happening in the world of global cybersecurity. Technical hacking is now being augmented, and in many cases replaced, by misinformation and disinformation campaigns, psychological warfare and social engineering, and deep fakes. I participated in an intriguing panel discussion on this […]

Preface from “The Security Hippie”

  • Posted by barak engel
  • On December 14, 2021
  • 2 Comments
Wanna hear a crazy story? Shall we go to lunch? For me, these two questions seem to be naturally interlinked. So much so that I had struck many lasting friendships while answering them, as is (for example) evident in the foreword. Let’s face it: sharing stories over food – be it next to a campfire, […]

GDPR is NOT a Data Protection Standard

  • Posted by barak engel
  • On December 10, 2021
  • 1 Comments
(this is a repost dated April 2018 from my old blog, which I thought should be preserved as it is still oddly relevant) Stop it! I swear, if one more person comes to me and asks me about hashing or encrypting data or putting it in a vault somewhere or whatever, just so they no longer […]