• 12 Sep 2018

    Using Securolytics for enhanced IoT security

    I often say that you can't secure the things that you don't acknowledge...I can't imagine that reality applying to anything in IT or security as much as it applies to securing Internet of Things (IoT) devices that are on your network, creating risks...this very moment. The trouble with IoT devices that they can be not only hard to discover and manage but they're also extremely difficult to identify. Oftentimes, in ...

    Continue Reading...
  • 22 Aug 2018

    A great reminder about relationships in information security

    I've always believed that poor communication can make or break an information security program. So many times, I witness IT and security professionals failing to get their messages across to their audience and, worst of all, talking down to the very people whom they should be lifting up. I've written about it many times over the years: https://searchenterprisedesktop.techtarget.com/tip/Ten-ways-to-sell-security-to-management https://searchwindowsserver.techtarget.com/tip/Working-in-IT-Simple-steps-to-get-users-on-your-side https://it.toolbox.com/blogs/itmanagement/the-one-skill-worth-mastering-in-it-052814 George Bernard Shaw said something that applies nicely: “The problem ...

    Continue Reading...
  • 13 Aug 2018

    CNN news story on Omarosa getting fired from the White House that quotes me on the reality of security culture

    Security culture is everything. If you work in security, you probably already know that...For business executives, though...well, that mindset is largely absent. In fact, as this new CNN piece I'm quoted in about Omarosa secretly recording her firing in the most "secure" room of the White House highlights, talk is cheap. IT and corporate security professionals can evangelize the importance of security - especially security culture - all day long, ...

    Continue Reading...
  • 24 Jul 2018

    Check out my webinar on the big risks involving unstructured information – 2pm ET today (reading assignment links)

    Join me today at 2pm ET for my Ziff Davis webinar Addressing the Security Risks Around Unstructured Information sponsored by Citrix ShareFile. Unprotected files scattered about the network environment is one of the biggest vulnerabilities I see...and it continues to create tangible business risks for every organization. I'll talk about the risk, share some examples of what I'm seeing in my work perform security assessments, and provide some ideas on ...

    Continue Reading...
  • 17 Jul 2018

    Join me at 2pm ET today for a discussion on data breaches + reading assignment links

    The data breach numbers we see in the studies and headlines every year (day!?) are pretty amazing...It's clear that we have not just an IT challenge on our hands but a true business problem... What's behind all of the incidents and breaches? Why does it seem to be getting worse? Is there anything that can be done about it? Well, that and more is what I''l be discussing in my ...

    Continue Reading...
  • 13 Jul 2018

    Introducing my brand new vulnerability and penetration testing book: Hacking For Dummies, 6th edition

    Want to learn the essentials of vulnerability and penetration testing? Looking for insight into which testing tools you need to use to get the job done right? Maybe you need help in determining the difference between the vital few security vulnerabilities and the trivial many that sidetrack so many people? Perhaps you need help selling information security to management and keeping them on board with what you're doing? Well, if ...

    Continue Reading...

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

application security appsec basics books careers censorship CISO CISSP cities compliance coronavirus covid-19 cybersecurity data breaches hacking Hacking For Dummies heads in sand health incident response information risk keynote speaker leadership macOS networked cameras passwords patching racing resilience Russian hacking SDLC security culture security leadership security program management security speaker selling security social engineering speaking engagements spec miata sql injection tiktok time management training vulnerability and penetration testing web security

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.