• 11 Jan 2011

    Tidbits on MS security, MBSA vs. the competition & cloud backups

    Here are a few new articles I wrote for TechTarget where I talk about IIS 7.5 security, encrypting Windows Server drives, MBSA vs. commercial vulnerability scanners and the dearly beloved cloud backup services. Enjoy!How vulnerable is Microsoft IIS 7.5 to attacks?Pros and cons of Windows Server drive encryptionWeighing MBSA against paid vulnerability scannersPreventing online backup security threats to your network...

    Continue Reading...
  • 06 Dec 2010

    Unbelievable #s in the new Billion Dollar Lost Laptop Study

    I spent last Thursday in San Francisco at a press briefing held by Intel's Anti-Theft Technology group regarding the new Ponemon Institute Billion Dollar Lost Laptop Study. Larry Ponemon's study found that businesses are losing billions of dollars through lost and stolen laptops - something I wrote about three years ago...and a problem that's been around even longer.Malcolm Harkins (Intel's CISO), Anand Pashupathy (GM of Intel's Anti-Theft Services), Larry Ponemon ...

    Continue Reading...
  • 11 Nov 2010

    Internet Password Breaker – yet another reason to encrypt your laptops

    Elcomsoft just released their new version of Elcomsoft Internet Password Breaker which now supports Chrome, Opera, Safari and Firefox. In essence the program can recover passwords, sensitive form data and so on that users have conveniently stored in their browsers for the past, oh, several years. Furthermore, the tool can now instantly recover Microsoft Outlook, Outlook Express, Windows Mail and Windows Live Mail account info, user IDs, passwords and cached ...

    Continue Reading...
  • 03 Dec 2009

    Another file/folder security option

    One of the biggest vulnerabilities I come across in my security assessments is sensitive information scattered about unprotected drives/shares. Solutions to this dilemma include locating/classifying different information types, locking down shares and file permissions, and encrypting information on mobile devices. If the latter option interests you there's a new company I stumbled across called New Softwares.net that sells very reasonably-priced software that can help. I haven't tried it out yet ...

    Continue Reading...
  • 16 Nov 2009

    BitLocker and Windows 7 – Things you need to consider

    I was recently asked to write a whitepaper on considerations for Bitlocker in Windows 7. While doing my initial research I learned a lot about BitLocker and discovered some new ideas and approaches for managing sensitive data. In this whitepaper I cover:Why data encryption mattersBitLocker’s new features in Windows 7Operational concerns you need to think aboutUsability issues that can create problemsPotential compliance and security gaps you don’t want to overlook…and ...

    Continue Reading...
  • 05 Oct 2009

    National Archives does it again!

    You may recall my appearance on CNN television earlier this year when a hard drive went missing from the National Archives and Records Administration. Well, apparently some lessons don't sink in. This time around the National Archives folks sent an unsecured hard drive containing personal info on 70 million+ veterans to a vendor for "repair and recycling" (huh?). Apparently an employee subverted a policy then had to go on leave ...

    Continue Reading...
  • 09 Sep 2009

    Loving BitLocker so far…

    I recently wrote about Windows BitLocker's false sense of security and I've made it loud and clear that I'm a big advocate of encrypting mobile drives. Well, since I had to reload my laptop recently I decided to take the plunge into Windows 7 la la land and, at the same time, decided to try out BitLocker rather than reload PGP whole disk encryption. I don't know if I'm missing ...

    Continue Reading...
  • 22 Jun 2009

    Charles Schwab hard drive removed & then stolen

    Yet another one for the hall of shame list. You know how I am about it, I'm sure this hard drive was encrypted. ;-)...

    Continue Reading...
  • 22 Jun 2009

    Windows BitLocker’s false sense of security

    In this piece Tony Bradley provides some great insight into how Windows BitLocker "drive" encryption works in Vista and Windows 7. Actually BitLocker is not drive - or whole-disk - encryption after all...As Tony states it's more like whole-volume encryption.Keep this in mind when securing your laptop and mobile drives. This could create a pretty serious false-sense of security that everything's locked down when indeed it's not. Same as the ...

    Continue Reading...
  • 03 Jun 2009

    Secret list of nuclear sites released “by accident”

    Apparently our Imperial Federal Government can't even follow its own rules for information privacy and security. It was just announced that a secret list of nuclear sites was released "by accident".First of all, "accidents" are like "computer glitches" - there's almost always human error behind them. Do you see the irony here? How is heavily-regulated private industry to be expected to lock everything down when the very entity writing OUR ...

    Continue Reading...

Success expert Brian Tracy shares his thoughts on Kevin:

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.