Here are a few pieces I've written recently on Web application security you may be interested in...things that affect each and every one of us working in IT and infosec:

- I wouldn’t want to be a developer these days
- Don’t overlook the importance of authenticated testing
- You can’t change what you tolerate
- Testing for weak passwords: a common oversight without a great solution
- How often should you test your web applications?
- Notable changes in the PCI ...

Cloud, cloud, cloud - it's all we're hearing about these days. Frankly I'm over the hype - have been for a while...But whether or not we buy into all this hoopla over "the cloud", the technologies and associated security risks and compliance headaches aren't going anywhere. With that, here are a couple of new pieces I've written for SearchCompliance.com that you may be interested in:

- The cloud’s compliance complexities you cannot ...

Here are some recent articles I wrote for TechTarget's SearchDisasterRecovery.com and SearchCompliance.com on the relationships between DR planning and information security as well as records management and the dreaded e-discovery process. Serving as an expert witness on various information security cases, I can assure you that you'll want to be prepared for both - especially the latter:

- Disaster recovery security: The importance of addressing data security issues in DR plans
- Leaning on ...

Thanks to TechTarget and CDW, starting this month I'm embarking on an 11-city speaking tour across the U.S. Along with my colleague Pete Lindstrom, we'll be speaking/ranting about all sorts of network security and data protection stuff including:

- Embedding Security into the Network—Building Defense in Depth
- Securing your Presence at the Perimeter: Contrary to Popular Belief, you do still have a Network Perimeter
- Locking Down Server and Workstation Operating Systems: A Critical ...

Have you checked out the Chronology of Data Breaches lately?...Very interesting stats on known data breaches. I peruse the site every now and then, and it seems that every time I do there's an organization that 1) I've done business with (for personal stuff) or 2) as in the case of MicroBilt Corporation's breach posted last week, they're right down the road from me. Does the six degrees of separation ...

Join me and my colleagues/friends Becky Herold (The Privacy Professor) and Scott Woodison (security manager extraordinaire) on Focus.com tomorrow at 2pm ET where we'll be talking about:

- Compliance vs. managing information risks - there is a difference
- Common compliance-related mistakes
- Recent changes to information security and privacy regulations and how they affect you
- Recommendations on what your business can do to get its arms around the compliance beast

It'll be laid back yet informative...we'll no ...

Here's a recent piece I wrote for my friends at SearchCompliance.com regarding the lost laptop problem and what it's costing businesses:

- The Billion Dollar Lost Laptop – What’s it costing your business?

I've seen some naysayers out there stating that there's no way a lost laptop could match up to Ponemon's figures. I say why find out!? Whatever the cost, the solutions for laptop security are simple once the choice is made ...

Seriously, it's time to kill the #KillSwitch bill that I've written about recently. It's dangerous, it's not what America is about and it's only going to make things worse for our country, our economy and our personal liberty. Here are some more details, along with what you can do about it today:

http://www.downsizedc.org/blog/new-initiative-kill-the-kill-switch-bill...

The people rioting in Egypt against their oppressive government and the subsequent blocking of the Internet is an interesting issue that has a global reach. Foreign policy aside, have you stopped to think about the ramifications of the cybersecurity "kill switch" bills that our measly politicians are trying to force upon us? As I wrote previously, the proposed Rockefeller-Snowe Cybersecurity Act of 2009 (Senate Bill 773) and Lieberman-Collins-Carper Protecting Cyberspace as ...

Here are a couple of #cybersecurity pieces I authored for TechTarget's SearchCompliance.com regarding the proposed Rockefeller-Snowe Cybersecurity Act of 2009 (Senate Bill 773) and Lieberman-Collins-Carper Protecting Cyberspace as a National Asset Act of 2010 (Senate Bill 3480):

- Why the Cybersecurity Act is better for government than business
- Is the latest cybersecurity bill an Internet takeover by the fed?

You know how I am about government growth and its intrusion into the free market. ...