• 08 Jan 2008

    Thought for the day on security getting in the way

    Here's a great quote I was reminded of that made me chuckle thinking about how information security controls often result in the same outcome... From the business master himself: "Most of what we call management consists of making it difficult for people to get their work done." -- Peter Drucker...

  • 06 Dec 2007

    Stupid policies are ignored by those with an agenda

    On a similar note regarding my previous post on the Omaha mall incident, apparently the mall has a policy against concealed weapons - and apparently (I haven't confirmed) there's a Nebraska state law backing such policies in private businesses in that state. This event not only shows how vulnerable we really are but it's also a classic case of stupid policies/laws such as this ONLY apply to law-abiding citizens. In the ...

  • 06 Dec 2007

    When seconds count, how long will it take for you to respond?

    I was listening to Neal Boortz's radio talk show this morning about the tragedy that occurred at the Omaha mall yesterday. A caller brought up the old saying "When seconds count, the police are only minutes away." This made me think about all the organizations out there who don't have an IT-centric incident response plan - or at least don't have one that's adequate enough to respond to real security ...

  • 02 Oct 2007

    What’s it going to take to encrypt laptop drives?!

    So, the latest in the lost laptop world is that 800,000 job applicants of Gap, Inc. now have their personal information exposed. Apparently the laptop was stolen from the office of an "experienced third-party vendor". Experienced in what? Not taking security seriously? Apparently the contractor wasn't using encryption, which was in violation of an agreement it had with Gap, Inc. You mean contracts aren't enough to protect information? Go figure. Gee ...

  • 27 Sep 2007

    Security is a Choice

    As the saying goes, the more things change the more they stay the same. It suits what's happening with security just perfectly. It's common knowledge that computer security is a problem that affects every business and every individual in some way. Security best practices are available. The rules have been laid down. Why are breaches still occurring? I think to myself, on the surface there's: information systems complexity, untrained IT staff, people not using ...

  • 05 Sep 2007

    Why I love testing Web applications

    I get the question "What part of security do you like the best?" quite often. The first part of my response is always "security testing". Any given network has lots of weaknesses - regardless of how much it's locked down and I love trying to find and point out all the flaws. [My wife used to say I was really good at pointing out other flaws, but I've since worked ...
