As we continue down the path of yet another major security breach - this time with the ransomware WannaCry - let us remember that it's not just about the criminal hackers, out-of-control government agencies such as the NSA, or vendors such as Microsoft putting out vulnerable software. Every single one of us working in IT, security, and business today is complicit in these challenges. Outdated/unsupported operating systems are running. We ...
Here are some recent pieces I've written for the good people at IANS:
Verizon DBIR shows why we’re still struggling with security
Security policies don’t get hacked. Why do they get all the attention?
Strategies for Thwarting State-Sponsored Hacks
Rooting out Ransomware
Where, exactly, is your information?
CEO Spoofing - Don't get fooled
Take responsibility for vendor product security
Are you making this mistake with your phishing awareness campaign?
As ...
With the field of information security as popular as ever, I thought this would be a good time to share some pieces I've written on breaking into the field along with a few more on information security leadership. Oh, and I've thrown in a couple of pieces and a webcast on ransomware since that's a big deal these days. Enjoy!
10 Tips for Breaking into the Infosec Field
What type of organization needs ...
I recently received this press release regarding Ole Miss offensive tackle Laremy Tunsil's Twitter account and how it affected his NFL draft: Amazing. Will someone please tell me how the consequences of basic security weaknesses surrounding social media, passwords, and malware do not impact us all personally and professionally....
With the news of the new Home Depot credit card breach combined with me being based in Atlanta as well, I feel compelled to share some links to some of the recent pieces I've written about point-of-sale and retail information security in hopes that a nugget or two might prove beneficial to someone out there... here they are:
The Target Breach – Can It Be Prevented?
Six endpoint management lessons from POS security breaches
Security ...
You may have heard about the recently-discovered Android exploit that makes Gmail vulnerable to criminal hackers. I read it over and realized that I have to use this opportunity to share an example of what I talk about when "researchers" claim that all is bad in the world because of the latest and greatest exploit impacting whatever software or device they've discovered. This Android/Gmail finding in particular is a great example of ...
My goodness, I've let a lot of my articles on Windows 8, 8.1, patching, malware, and related desktop security topics stack up! Check these out:
Don't ignore Windows 8 security when reviewing desktop vulnerabilities
IT can tackle Windows configuration with a well-planned desktop audit
Windows Server Update Services weaknesses you may not know about <=this is BIG, seriously!
Why a Windows security scan is not enough to protect your workstations
Five steps to successful bot ...
I was quoted in the Wall Street Journal (Tuesday May 21 edition)... it's a piece written by Gregory Millman talking about how senior executives are often at the root of information security problems. Check it out:
Corporate Security's Weak Link: Click-Happy CEOs
Top Bosses, Exempt From Companywide Rules, Are More Likely to Take Cyber-Attackers' Bait
As I've written in the past, this is a big problem in businesses both large and small based on what ...
Join me and Phil Owens of GFI tomorrow (Wednesday July 24, 2012) as we wax poetic about what it really takes to have a reasonable layered security defense against malware:
Defense in Depth: The Layered Approach to IT Security
Crashed systems, data theft, decreased productivity, revenue loss, reputation loss – today’s malware threats can cause critical damage to your business. IT professionals, now more than ever, need a method of in-depth protection ...
Introduction to the threat we're facing and my new whitepaper The Malware Threat Businesses are Ignoring and How Damballa Failsafe Fits In: ...