• 12 Jun 2025

    A look at Charles Cresson Wood’s Internal Policies for Artificial Intelligence Risk Management

    I’ve known Charles Cresson Wood for a long time, both as a trusted business colleague and a friend. You may know him as the creator of the original masterpiece on information security policies over two decades ago: Information Security Policies Made Easy. Charles and I have worked together on a few projects over the years, and what’s always stood out to me is his ability to tie together security, legal, ...

  • 07 Mar 2020

    Speaking engagement for ALAS in Phoenix was a big success!

    I was invited to speak at the Attorneys' Liability Assurance Society (ALAS) 2020 Cybersecurity Conference in Phoenix, AZ last week, and it was awesome. To a great group of 220 law firm IT leaders and general counsel professionals, I presented Beyond the Policies: Top 5 Security Findings (the ones I see in literally every security assessment I perform). I also served as a panelist for a lively ...

  • 22 Aug 2014

    CISOs, lawyers, awareness training, and other infosec blunders you need to know about

    I've been super busy putting my twisted thoughts on paper. Here are a few pieces you might enjoy:
    When your lawyer becomes your CISO
    The compliance crutch holding up Corporate America
    The fallacy of information security awareness and training
    The one skill worth mastering in IT
    Quantifying the disconnect between the business and security
    The critical item that's missing from most IT security programs
    What's your one hot button security item?
    Top detractors of security oversight
    The funny ...

  • 26 Apr 2013

    Clueless in the cloud – think before you act

    A recent Network World piece about an RSA 2013 panel on cloud forensics, and on whether your cloud providers will be able to come through for you in the event of a lawsuit or breach, brings up some critical pitfalls of cloud computing. Two things are certain: if you're lucky enough for your business to be around for the long haul, odds are that it'll ultimately be hit with a ...

  • 22 Mar 2012

    An interesting Microsoft tool to help with data classification

    Have you ever heard of Microsoft's Data Classification Toolkit for Windows Server 2008 R2? Me neither. But it may be worth taking a look at. The lack of data classification and proper retention is at the core of many IT risks, not to mention legal and compliance issues. You can't secure (or protect, or retain, or dispose of) what you don't acknowledge. If the Data Classification Toolkit is anything like ...

  • 10 Feb 2012

    Video: The one infosec skill you need to be working on

    Develop and maintain this one skill and you'll position yourself to be a much more valuable information security professional:  ...

  • 11 May 2011

    The new IT skill you *must* develop

    Yesterday I had lunch with some colleagues who are lawyers whose work focuses on compliance, intellectual property and cloud computing. It was neat to hear their perspective on where things are headed in IT. We came to the conclusion that IT professionals are going to have to learn as much as they can about the legal side of what we do. I'm not talking just compliance in general, but also contracts, ...

  • 20 Apr 2011

    Legalese in email footers is useless

    Ever get annoyed by those email footers telling you what you can or cannot do with the email you just received? Yeah, me too. Here's an interesting bit from Consumer Reports that talks about how those legal disclaimers in email footers may be legally useless. It's funny: every time I see them (they're in about 60-70% of the non-spam emails I receive) I think it's yet another representation of the American ...
