• 21 Sep 2010

    Just run down the checklist – that’s “good enough”

    No offense to my auditor friends/colleagues and all the hands-on auditors of the world who DO know their stuff... Here's a new piece I wrote about one of the greatest impediments to reasonable information security in business today: Why do so many people buy into “checklist” audits? ...goes back to the compliance crutch mentality that my colleague Charles Cresson Wood and I wrote about last year. Time to move on?? Looking at how ...
  • 20 Sep 2010

    Be careful what you ask for

    Richard Carlson once said "Be careful what you ask for....sometimes your life is pretty darn good exactly the way it is." He went on to say "Think carefully through what it is you think you want, because you just might end up getting it, which is often more than you bargained for - more frustration, more grief, more travel, more responsibility, more conflict, more demands on your time, and so ...
  • 17 Sep 2010

    Are your high-tech devices enslaving you?

    I saw a recent Don't Sweat the Small Stuff calendar quote where Richard Carlson said: "It's important to see when your high-tech communication devices actually limit your freedom, enslaving you instead of providing new opportunities for growth." Wow, how true that is! Ever tried to not look at your emails or answer phone calls when you're out and about with your family or taking some time to yourself? Especially when you're ...
  • 08 Sep 2010

    Security’s not just an executive decision

    I recently came across this quote by Peter Drucker that struck a chord: "Most discussions of decision making assume that only senior executives make decisions or that only senior executives' decisions matter. This is a dangerous mistake." It reminds me of how certain executives decide that information security is something that doesn't affect their business regardless of what others are telling them. I'm sure many of these executives' subordinates are ready and willing ...
  • 08 Sep 2010

    Good rule of thumb for information security

    Thomas Jefferson once said: "Learn to see in another's calamity the ills that you should avoid." If you want to manage information risks and keep your business out of hot water, I can't think of a better principle to work by....
  • 02 Sep 2010

    Crunch risk numbers or fix the obvious?

    My colleague Ben Rothke (@benrothke) recently wrote a good piece on basing information security decisions on good data. I like his approach - it'll make you think. It's true we do need good data so we can make better decisions. Sadly, we often don't have the data or, if we do, we're not qualified to interpret it. Maybe it's just me but I don't believe my degrees in computer engineering and ...
  • 27 Aug 2010

    Work harder on yourself than you do on your job

    Many people want to take the easy path that promises to lead them to their riches rather than work hard over the long term and earn it the good old-fashioned way. It's the lottery mentality. James Allen said it best: "Men are anxious to improve their circumstances, but are unwilling to improve themselves; they therefore remain bound." Want to begin improving your circumstances in your life and in your IT/security ...
  • 23 Aug 2010

    Panic is not a strategy

    Seriously... it's not. In this new piece I wrote for Security & Technology Design magazine, I talk about the lack of incident response planning being one of, if not the, biggest risk in any given organization... and what you can do about it: Incident response: The biggest security gaffe of all? If anything, never forget what Captain Chesley Sullenberger said after he landed U.S. Airways flight 1549 into the Hudson River last year: "I didn't have ...
  • 23 Aug 2010

    Common sense counts the most

    A great quote I heard over the weekend has a direct tie-in to what we focus (or don't focus) our efforts on in information security. NASCAR champion Ned Jarrett said: "There's nothing stronger when you're trying to get something done than common sense." I couldn't agree more. In the realm of IT and managing information risks, I'll take common sense over book smarts any day....
  • 19 Aug 2010

    Have you told someone “no” lately? It’s good for you.

    Jack Canfield had a great quote that relates well to information security (and the lack of time to manage it) as well as our overall careers. He said: "Success depends on getting good at saying no without feeling guilty. You cannot get ahead with your own goals if you are always saying yes to someone else's projects. You can only get ahead with your desired lifestyle if you are focused on ...