Here are two articles I wrote for SearchEnterpriseDesktop.com:
Enhancing patch management with NAP
Unauthenticated vs. authenticated security testing
Here's an article I wrote for SearchSQLServer.com:
New security features in SQL Server 2008 leave some work for you
...and finally a podcast I just recorded for SearchEnterpriseDesktop.com:
Security Policies for Windows Systems
Be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcast interviews, webcasts, screencasts and more...
I'm writing an article series that includes some information about PCI DSS. In my research, I noticed something interesting - almost comical - about Requirement 12.7: "Screen potential employees to minimize the risk of attacks from internal sources. For those employees such as store cashiers who only have access to one card number at a time when facilitating a transaction, this requirement is a recommendation only." So, "access to one card number ...
What if the government could come running to protect us every time we or one of our colleagues made a bad security decision - intentional or not? Imagine:
setting an Allow All rule in your firewall
making all of your databases accessible via the Internet
revoking any and all password policies
never testing your systems for vulnerabilities
...or, avoiding data backups because, well, you just can...
Everything we do in life - every choice we make has ...
This is one of those often-overlooked security operations weaknesses that ends up being one of the most vicious. A fired Cox Communications worker hacks back in and wreaks havoc: https://www.scmagazine.com/former-cox-communications-employee-pleads-guilty-to-hacking-company-network/article/553715/ Also a good reason to watch the "watchers". Funny thing that many people in IT forget: there's this thing called change management that helps quite well in these situations...
Over the Christmas holidays I noticed an interesting retailer procedure that strikes home with us in information security. It's manager overrides... You know when you buy something special or need to return something that requires manager approval... The cashier has to call over a manager to override what s/he is trying to do. I certainly understand the need for an override. Maybe the purchase is over $500 or there's no receipt for ...
I've been hearing a little sound bite on my local radio station of Hillary Clinton saying "I believe everyone -- every man, woman, and child -- should have quality, affordable health care in America. We should do it. We should do it, because, in this new economy, when people move jobs more than ever before, their health insurance should move with them." You can see the transcript on Hillary's Media ...
On a similar note regarding my previous post on the Omaha mall incident, apparently the mall has a policy against concealed weapons - and apparently (I haven't confirmed) there's a Nebraska state law backing such policies in private businesses in that state. This event not only shows how vulnerable we really are, but it's also a classic case of stupid policies/laws such as this ONLY applying to law-abiding citizens. In the ...