Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago, a history he explores in his books “Why CISOs Fail” and “The Security Hippie”.
Over the twenty years since then he has applied that model and strategy to building, managing and counseling security departments across countless and diverse organizations, including MuleSoft, Amplitude Analytics, Livenation/Ticketmaster, StubHub, Barnes and Noble, bebe Stores and many others.
His company, EAmmune, manages security programs across many such companies and verticals – he was CISO and Chief Privacy Officer for MuleSoft just prior to its $6.5 billion acquisition by Salesforce, and has seen StubHub as its CISO through the company’s $4B acquisition by ViaGoGo and its massive digital transformation project.
Barak’s first exposure to the world of cybersecurity was as a teenager, when he experimented with technology in ways that ultimately became recognized as hacking. Later, in the 1990s he became more formally introduced to the field as a student at the world-renowned Technion Institute of Technology in Haifa, Israel. Not long after that, in 1999, Barak was part of the Israeli team that helped the FBI identify and eventually arrest Ehud Tenenbaum, the infamous hacker known simply as Analyzer.
“Barak’s first notable formal role in security came in 2001 when he was appointed Head of Security (or CSO) for Webex, fresh off its IPO and growing rapidly and globally long before its acquisition by Cisco.”
In 2002, Barak was part of an entirely different security team when he helped to launch Think Security First!, America’s first cyber secure city and an ambitious program to raise the security awareness of an entire city (Walnut Creek, California, population 64,000). Partners in the initiative include Microsoft, Cisco, McAfee, AT&T, and the Department of Homeland Security.
Since 2004, in executing his vision of the role of vCISO, he has continuously held multiple formal (and usually publicly named) CISO positions at the same time in different organizations.
Barak serves on multiple board advisory positions, providing critical technology, risk, product and market insights to boards and CEOs. First gaining exposure into the intersection of business and security while at Netvision, Israel’s largest ISP during the dotcom boom, he became focused on how security will inevitably become an essential business discipline. This led him to seeking opportunities to develop his expertise in this area, starting with his work to assist Tripwire in the 2000’s in coming up with and designing the PCI compliance portion of its flagship product, helping the company recover from the dotcom bust. His track record now includes many other organizations. Barak has an excellent track record advising companies that make successful exists (e.g. 2021 acquisitions: Trustdome by zScaler, Tracedata by Netskope).
Barak’s first book “Why CISOs Fail – The Missing Link In Security Management” has been widely praised for its brutally honest assessment of why so many security leaders fail to connect effectively with their CEO and board, why that failure has created unnecessary additional risks for enterprises, and how it can be fixed. In recognition of its critical contribution to the field, the book was nominated and accepted into the Cybercannon in 2021.
Barak’s second book, “The Security Hippie”, due to be published in January 2022, aims to make the field of information security more accessible to the average reader. He attempts to do so by sharing real-life stories from his own career, highlighting the daily interactions that security has with the business, using a narrative style.
Barak’s real-world stories paint a true picture into the role of the CISO as a business enabler.
Dr. Branden R. Williams, DBA, CISSP, CISM, Author and Cybersecurity Expert