Security policies are garbage unless someone actually enforces them. They exist to tick boxes, impress auditors, and give leadership a warm-and-fuzzy about “doing security.” But when nobody lives by them, they’re nothing but paperwork liabilities. Certainly not the safeguards many assume them to be. They're certainly not worth the paper on which they're printed, or the storage space they're occupying on the network. Security policies can be bad for business ...
I'm often wrong about many things in life...just ask my wife. However, I'm feeling a bit vindicated regarding my long-standing approach to information security: address the basics, minimize your risks. You see, more and more research is backing up what I've been saying for over a decade. It's what was uncovered in the new Cisco 2015 Annual Security Report. [i.e. "Less than 50 percent of respondents use standard tools such ...
I know it's painful to listen to our Ruler wax poetic about how great things are in America and how he's going to continue transforming society for the better...so just in case you missed last night's State of the Union and proposed initiatives, his regime wishes to "better secure" the Internet and our networks by making changes to the Computer Fraud and Abuse Act (CFAA). Here are some good reads ...
Here's a great quote by Jay Abraham that resonates with IT, information security, politics - you name it: "An amazing thing, the human brain. Capable of understanding incredibly complex and intricate concepts. Yet at times unable to recognize the obvious and simple."...
Here's an interesting story from Slashdot today about a college student being expelled after pointing out flaws in his college's student information system. What he's seeing is no surprise. Starting with my days working for IBM's EduQuest division, for the past 20 years or so I've seen numerous K-12 and higher education student information systems chock full of security flaws. Stupid, silly security flaws like SQL injection, cross-site request forgery, URL ...
With all the doctor & hospital visits I've gone (and am still going) through with family members in the past few years, I've come to the conclusion that many (most?) healthcare providers - especially those smart doctors society holds on a pedestal - absolutely cannot see the big picture. They can't think past the appointment time slot in which they're currently working, much less next year and beyond. Adding to the ...
I'm not much into urban legends and the like but came across this bit the other day and it really made me think. What a great analogy that impacts all of us both personally and professionally with some interesting information security and compliance tie-ins that I see all the time: An economics professor at a local college made a statement that he had never failed a single student before, but had ...
If you've been following my blog and my principles for even a short period of time you've probably figured out that I pull no punches when it comes to personal responsibility and limited government. There's hardly anywhere I'm more passionate in this regard than the marketing smoke and mirrors of "Going Green" and the religion of "global warming". I should say "climate change"; that covers warming and cooling for the ...
I've been hearing on the news about Georgia State University (@GeorgiaStateU) installing 50 new security cameras. No doubt, universities in downtown Atlanta (one of the highest-crime cities in the nation) are not faring so well with security these days so somebody needs to do something, no? Well, Georgia State's solution was to install more security cameras. Is this security theater at its finest? Not totally, but it is security theater like ...
I was in New York City this past week for my final keynote and related presentations for our TechTarget & CDW information security roadshow. Wow, 10 cities in eight months - what a great way to end our year. Of course, being in New York I couldn't help but notice the *constant* coverage of the Occupy Wall Street protests that ended up turning a bit ugly on Thursday - the ...