-
05 May 2016Twitter hack–NFL draft consequences
I recently received this press release regarding Ole Miss offensive tackle Laremy Tunsil's Twitter account and how it affected his NFL draft:Amazing.Will someone please tell me how the consequences of basic security weaknesses surrounding social media, passwords, and malware do not impact us all personally and professionally....
Continue Reading... -
13 Apr 2016
Why data classification is a joke
I just saw this post on Slashdot about 0bama saying that classified means whatever it needs to mean. It reminds me of how data classification is treated as an information risk management function in the enterprise: mostly non-existent:Data classification programs that do exist are typically a joke whereby IT and security handles everything with no involvement from the business or legal or legal handles everything with IT and security being ...
Continue Reading... -
29 May 2015
What you (really) need to know about esophageal manometry
Aside from my typical computer security-related blog posts I thought I’d branch out and share something completely unrelated in hopes it can benefit others. Recently, I had the opportunity to endure the most difficult thing I’ve ever experienced as a forty-something male: esophageal manometry. It’s performed on patients suffering from gastroesophageal reflux disease (GERD). In short, the medical professional sticks one of these ~1/2" thick torture tubes up one of ...
Continue Reading... -
09 Feb 2015Back to basics in information security? Proven year after year but (apparently) unattainable for many.
I'm often wrong about many things in life...just ask my wife. However, I'm feeling a bit vindicated regarding my long-standing approach to information security: address the basics, minimize your risks. You see, more and more research is backing up what I've been saying for over a decade. It what was uncovered in the new Cisco 2015 Annual Security Report. [i.e. "Less than 50 percent of respondents use standard tools such ...
Continue Reading... -
21 Jan 2015
Øbama knows more about information security than we do
I know it's painful to listen to our Ruler wax poetic about how great things are in America and how he's going to continue transforming society for the better...so just in case you missed last night's State of the Union and proposed initiatives, his regime wishes to "better secure" the Internet and our networks by making changes to the Computer Fraud and Abuse Act (CFAA). Here are some good reads ...
Continue Reading... -
09 Jan 2015
Core human psychology principles are what hold us back with security
2015 marks my 26th year working in IT and my 20th year focusing on information security. I'm so fortunate to work in such an amazing field and even luckier to have gained some wisdom over the years that has allowed me understand the true challenges we face with information security! As much as the vendors, researchers, and criminal hackers want us to believe it's the threats that cause all the ...
Continue Reading... -
05 Nov 2014
Car racing and security breaches, you’re not as ready as you think you are!
This past weekend I had the opportunity to run the race of my life - a 90 minute enduro car race in my Spec Miata - held at the America Road Race of Champions at Road Atlanta in Braselton, GA.It wasn't the most competitive race - there were only 17 entries, 14 that made it on track...I've raced with over 60 cars at once. It wasn't the most stressful race. ...
Continue Reading... -
08 Oct 2014
What no one is saying about cyber insurance
I race cars for fun and sport and found out the hard way not long ago that if I wanted to increase my life insurance I was going to have to jump through numerous hoops and pay enormous premiums for a minimal increase in my existing coverage. I was thinking about this scenario compared to 'cyber insurance' and, wow, what a difference. Knowing what I know, there appear to be minimal ...
Continue Reading... -
17 Sep 2014
What if The Home Depot looked to their own store policies for help with infosec?
If The Home Depot's management were as strict with information security as they are with store policies I'm confident they could've avoided their data breach.Have you heard their policy monger guy on their intercom system while shopping?? He sounds like that guy we've seen in those disturbing Allstate commercials. A bit creepy. It's also quite uninviting - certainly doesn't make you feel welcome in their stores.At least they've covered their ...
Continue Reading... -
28 Aug 2014
The latest Android / Gmail security flaw & why people don’t take IT & security seriously
You may have heard about the recently-discovered Android exploit that makes Gmail vulnerable to criminal hackers. I read it over and realized that I have to use this opportunity share an example of what I talk about when "researchers" claim that all is bad in the world because of the latest and greatest exploit impacting whatever software or device they've discovered.This Android/Gmail finding in particular is a great example of ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
