-
22 Aug 2018A great reminder about relationships in information security
I've always believed that poor communication can make or break an information security program. So many times, I witness IT and security professionals failing to get their messages across to their audience and, worst of all, talking down to the very people whom they should be lifting up. I've written about it many times over the years: https://searchenterprisedesktop.techtarget.com/tip/Ten-ways-to-sell-security-to-management https://searchwindowsserver.techtarget.com/tip/Working-in-IT-Simple-steps-to-get-users-on-your-side https://it.toolbox.com/blogs/itmanagement/the-one-skill-worth-mastering-in-it-052814 George Bernard Shaw said something that applies nicely: “The problem ...
Continue Reading... -
17 May 2017My new content on preventing ransomware + infosec leadership and careers
From ransomware to IT and security leadership and careers - they all sort of go hand-in-hand. Here's some new content for you to check out: Five ways to prevent a ransomware infection through network security An unfunded mandate is not a mandate How top IT pros stand apart Using unrealized IT talent to your advantage Great ways to get management on your side with application security The side-effects of miscommunication ...
Continue Reading... -
18 Jul 2014
How to communicate Web security to management, must-have security testing tools, and compliance in the cloud
Check out these new pieces I've written and recorded on Web application and cloud security. If you follow the things I recommend on communication (first three links), you can absolutely transform your information security program and the way that people perceive you as an IT professional.Communicating with Management about Web Security, Part 1 - Knowing What You're Up AgainstCommunicating with Management about Web Security, Part 2 - Prioritization and Sending ...
Continue Reading... -
10 Jun 2014
Pitching your ideas in IT
If you work in IT, your communication and selling skills are more important than anything you can ever do technically. This includes "pitching" your ideas to your audience - typically management and users. As a speaker, I often struggle with new approaches for pitching my ideas.Here's a good Success.com Q&A with Shark Tank's Daymond John to help remind us of what people are looking for. I especially like where Daymond ...
Continue Reading... -
19 Feb 2014
Step up or step aside, somebody needs to fix your security woes
I just got off of phone call with some friends/colleagues where we were discussing the latest security trends. After talking it occurred to me that we're basically going backwards in time with information security. It seems with the Target breach, stupid passwords people are still using in 2014, and even today's new SANS-Norse healthcare security report, it just keeps piling up as if nothing works.But it can work - if ...
Continue Reading... -
13 Jan 2014
How do you exercise your “power” in IT?
My new favorite quote I came across recently is the following from Ayn Rand: "Economic power is exercised by means of a positive, by offering men a reward, an incentive, a payment, a value; political power is exercised by means of a negative, by the threat of punishment, injury, imprisonment, destruction. The businessman's tool is values; the bureaucrat's tool is fear."...interestingly, her quote applies directly to IT and security by ...
Continue Reading... -
25 Mar 2013
Default to F.U.D. and everything’ll be okay
If you can't convince them, confuse them. That's what Harry Truman once said and it reminds me of many IT and information security professionals. They struggle to communicate effectively so they just take the lawyer route and attempt to make things even more confusing...and we wonder why many people outside of IT don't take us very seriously....
Continue Reading... -
30 Jan 2013
What’s your communication style?
Great IT & infosec-related quote:"Wise men talk because they have something to say; fools, because they have to say something." -PlatoGood communication is arguably the most important factor for success....
Continue Reading... -
15 May 2012
IT’s malignant narcissism and what you can do to rise above the noise
IT department optimism does not translate into IT department budget. That's what Jonathan Feldman wrote about in this Information Week piece. Their study provides lots of interesting insight into how many working in IT see things compared to, well, the rest of the business. I'm not surprised. While we're on the subject, I've recorded a video on IT's role in fixing this problem and wrote a new piece for TechTarget's ...
Continue Reading... -
27 Apr 2010
How to become a better presenter
There are a lot of unknowns in IT but one thing's for sure: if you're going to be successful in your job and move up the career ladder you have to sharpen your presentation skills. Here's a new piece I wrote that'll help you get started down the right path:Eight tips every IT pro can use towards becoming a better presenter...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including one of the best-sellers of all time:
