Breach Mongering

  • Posted by barak engel
  • On April 18, 2022
  • 0 Comments
Are you a senior, non-technology executive or board member? especially so for a public company? Have you had to deal with your CISO lately? Isn’t it just the most fun you could ever imagine having? Fifty Shades aside, let’s talk for a moment about why those conversations usually end up with only one person (not […]
Read More

An Emerging Supply Chain Problem that will RAPI-dly give you a Headache

  • Posted by barak engel
  • On February 4, 2022
  • 2 Comments
Everybody remembers at least one action movie (or MacGyver episode) where the protagonist uses a mirror to reflect a laser in order to bypass a protective grid. They often do it by redirecting the beam to fry some sensor around a corner, taking down the system in the process and gaining unauthorized access to something […]
Read More

Security and Compliance Weekly

  • Posted by barak engel
  • On December 22, 2021
  • 0 Comments
So this was cool. I got invited by Jeff Man to join him, Kat Valentine, and Fredrick Lee on this great podcast. They asked some tough questions, I believe I managed to confuse everyone, a few eggs were broken, and Jeff is the best grandpa, ever. Check it out: Part 1 Part 2
Read More

Hacking the Election – The Human Side

  • Posted by barak engel
  • On December 17, 2021
  • 0 Comments
The 2020 election might be the greatest metaphor yet of the fundamental changes that are happening in the world of global cybersecurity. Technical hacking is now being augmented, and in many cases replaced, by misinformation and disinformation campaigns, psychological warfare and social engineering, and deep fakes. I participated in an intriguing panel discussion on this […]
Read More

Preface from “The Security Hippie”

  • Posted by barak engel
  • On December 14, 2021
  • 2 Comments
Wanna hear a crazy story? Shall we go to lunch? For me, these two questions seem to be naturally interlinked. So much so that I had struck many lasting friendships while answering them, as is (for example) evident in the foreword. Let’s face it: sharing stories over food – be it next to a campfire, […]
Read More

GDPR is NOT a Data Protection Standard

  • Posted by barak engel
  • On December 10, 2021
  • 0 Comments
(this is a repost dated April 2018 from my old blog, which I thought should be preserved as it is still oddly relevant) Stop it!I swear, if one more person comes to me and asks me about hashing or encrypting data or putting it in a vault somewhere or whatever, just so they no longer […]
Read More
The CISO Reimagined

The CISO Reimagined

  • Posted by barak engel
  • On October 1, 2020
  • 0 Comments
We know now how security management shouldn’t work. But where does that leave us? To answer the question, this being a book and all, let’s attempt to craft a new paradigm. We are building a new structure, and we should start with the foundation. Here is one statement you could insert at the top of […]
Read More
“You’ve done security before, right?”

“You’ve done security before, right?”

  • Posted by barak engel
  • On September 21, 2020
  • 0 Comments
Let me share a personal story, about how my formal career in security started. “You’ve done security before, right?” I was sitting in my quite typical Silicon Valley office. An actual office, mind you—while open-space was becoming all the rage, it still had not infected every company to the degree that it has today, and […]
Read More
The Wrong Way To Look For A CISO

The Wrong Way To Look For A CISO

  • Posted by barak engel
  • On September 19, 2020
  • 2 Comments
One of the key topics I address in my book Why CISOs Fail is how companies repeatedly and recurrently hire wrong. They will hire smart, experienced people, and then set them up to fail, frustrating them out of the job in a couple of years. Or they will hire not-so-great but confident-seeming people, and let […]
Read More