The Security Hippie is Barak Engel’s second book. As the originator of the “Virtual CISO” (fractional security chief) concept, he has served as security leader in dozens of notable organizations, such as Mulesoft, Stubhub, Amplitude Analytics, and many others.


The Security Hippie follows his previous book, Why CISOs Fail, which became a sleeper hit, earning a spot in the Cybercannon project as a leading text on the topic of information security management.

In this new book, Barak looks at security purely through the lens of story-telling, sharing many and varied experiences from his long and accomplished career as organizational and thought leader, and visionary in the information security field. Instead of instructing, this book teaches by example, sharing many real situations in the field and actual events from real companies, as well as Barak’s related takes and thought processes.

A Word From Barak

“The news media seems to have recently gotten around to the idea that security is something that is worth reporting, but … that reporting is, shall we say, not all that. We get the big stuff, like huge consumer privacy breaches, delivered in an all too familiar staccato cadence that is designed to get your attention and keep it there, without actually telling you anything.

Lots of drama, fire and brimstone, but let’s face it, none of is very relatable.

It’s stuff that happens over there, and while it sounds scary and can definitely hurt us, we don’t really
understand it. So we roll our eyes at these tech people and move on… But the truth is, so much of this field happens here, and happens all the time. We just don’t see or pay attention to it, because nobody ever points it out to us.

So please, have a blast. Laugh with me. Laugh at me. Roll your eyes. Come back and tell me I’m
clever, or maybe stupid; I’m easy enough to find. Ultimately, this is what these stories are for, and what
all stories are for – to help us relate. This field desperately needs more of that.”


“Good storytelling is both an art and a gift. When mixed with real world experiences, they can combine to create a masterpiece. The Security Hippie masterfully uses real world experiences and compelling storytelling to paint a picture of what real life looks like in the security profession, and in doing so, becomes that masterpiece.”

– Brian Ahern, CEO, Threatstack

“The Security Hippie tells stories about what it takes to have a career in security with plenty of learning moments and laughs along the way. Security is a field that is all about ethics, trust, and often, finding out who you shouldn’t trust. Security professionals have a moral obligation to call things out when they see them and Barak’s career narrative serves as a prime example of how we should all play a role in protecting society.”

– Nick Santora, CEO, Curricula

“We are all wired to soak up stories and narratives – and that is where this focused, well-organized and colorful collection of information security anecdotes really shines. An important reminder that career success in the world of information security demands not just technical aptitude, but solid communications, problem-solving and even diplomatic skills. And a little snark doesn’t hurt! If you like to laugh while you learn, give this short book a read.”

— Ben Smith, Field CTO at RSA Security