-
14 Nov 2011For incidents, preparation is key…But you’ve been hacked, now what?
Here are some new pieces I've written for TechTarget and Security Technology Executive magazine on compliance that you may be interested in:Preparing for an incident at the workstation levelDevelop a Flight PlanHow to know if your website has been hacked As always, be sure to check out www.principlelogic.com/resources.html for links to all of my information security whitepapers, podcasts, webcasts, books and more....
Continue Reading... -
05 Oct 2011
Information security’s bond with e-discovery is strengthening
We're seeing more and more how information security and e-discovery go hand in hand. Here are two new pieces I've written that delve into the subject. I hope you enjoy.Information security’s tie-in with the e-discovery processLax enterprise mobile device management hampers e-discoveryAs always, be sure to check out www.principlelogic.com/resources.html for links to all of my information security whitepapers, podcasts, webcasts, books and more....
Continue Reading... -
31 Aug 2011
Talk is cheap: Time to rethink your data retention strategy (or lack thereof)?
Here's a fascinating story about a court case involving data retention you need to read. And pass it along to your management as well. It talks about how businesses aren't doing what they need to be doing with regard to data retention and how decisions are being made for us by the courts. Interestingly most businesses I come across (large and small) don't have any semblance of a data retention ...
Continue Reading... -
08 Jun 2011
Weiner fallout: “I got hacked” is the new scapegoat
I recently met up with some technology lawyer colleagues after work and we shared our thoughts on the Anthony Weiner "incident". We were talking about how early on in the saga no one but Weiner and the lucky recipients of his tweets really knew what the truth was. Predictably, as we're seeing and hearing more and more these days, Weiner came out and said "I was hacked. It happens to ...
Continue Reading... -
29 Apr 2011
Nikon Image Authentication vulnerability
The fine folks at @Elcomsoft have discovered yet another security flaw in digital cameras. First it was Canon. This time it's Nikon - specifically Nikon's Image Authentication Software.Elcomsoft researchers found that the way the secure image signing key is being handled in the camera is flawed. This allowed them to extract the original signing key and then produce manipulated images that appear to be legit. I could see this being ...
Continue Reading... -
07 Mar 2011
Disaster recovery & security plus e-discovery & records management
Here are some recent articles I wrote for TechTarget's SearchDisasterRecovery.com and SearchCompliance.com on the relationships between DR planning and information security as well as records management and the dreaded e-discovery process. Serving as an expert witness on various information security cases, I can assure you that you'll want to be prepared for both - especially the latter:Disaster recovery security: The importance of addressing data security issues in DR plansLeaning on ...
Continue Reading... -
19 Jan 2011
Good bits to share about computer disposal
Here's a good short read from SANS (@sansinstitute) you can share with your non-technical family members, friends & neighbors on why they need to careful when disposing of their computers and how they can do it properly....
Continue Reading... -
20 Dec 2010
Tips and tricks on e-discovery, forensics, and managing esi
Here are a few pieces I wrote and recorded for SearchCompliance.com on managing all that electronic data on your network that you're constantly drowning in...Leaning on records management can take the angst out of e-discoveryWhy you need to create an ESI strategy (webcast)Why you need to create an ESI strategy (podcast)What is computer forensics technology? Does it help compliance?...
Continue Reading... -
11 Nov 2010
Internet Password Breaker – yet another reason to encrypt your laptops
Elcomsoft just released their new version of Elcomsoft Internet Password Breaker which now supports Chrome, Opera, Safari and Firefox. In essence the program can recover passwords, sensitive form data and so on that users have conveniently stored in their browsers for the past, oh, several years. Furthermore, the tool can now instantly recover Microsoft Outlook, Outlook Express, Windows Mail and Windows Live Mail account info, user IDs, passwords and cached ...
Continue Reading... -
31 Aug 2010
NetScan Tools LE – a must-have for investigators
Have you ever had a need to run a program and get a relatively small amount of data just to do your job but end up getting caught in the complexity of the application and not getting what you need after all? That's happened to me a bunch.Well, NorthWest Performance Software (makers of a long-time favorite of mine: NetScanTools Pro) has a new tool that helps resolves this problem called ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
