  • 22 Aug 2014

    CISOs, lawyers, awareness training, and other infosec blunders you need to know about

    I've been super busy putting my twisted thoughts on paper...here are a few pieces you might enjoy: When your lawyer becomes your CISO; The compliance crutch holding up Corporate America; The fallacy of information security awareness and training; The one skill worth mastering in IT; Quantifying the disconnect between the business and security; The critical item that’s missing from most IT security programs; What's your one hot button security item?; Top detractors of security oversight; The funny ...

  • 30 Apr 2014

    Things that impact careers in information security

    Here are some recent pieces I've written that can make or break your success in information security: Open your eyes and you’ll see the light; Steering your career as a desktop admin in the mobility age; The mindset of everyday employees and their impact on security; Why a CIO's relationship with enterprise IT security is important. Be sure to check out the hundreds of security articles, webcasts, and more I've written/developed over the past 12 ...

  • 22 Apr 2014

    6 reasons information security causes global warming

    In keeping with the divorce and everything Capitalist or conservative causes "global warming" movement, how about this: Information security causes global warming (or cooling, or whatever it needs to be called today). I really believe we have a "crisis" on our hands and here's why: The need for IT security controls is a negative side-effect of Capitalism - man bettering himself if you will. If we didn't have computers and the Internet, ...

  • 11 Apr 2014

    Heartbleed – the biggest Web security problem ever???

    I just came across this piece from NewsFactor: Is Heartbleed the Biggest Web Security Threat Ever? and couldn't help but chime in. Contrary to popular hype, I don't think the biggest web security issue we face (now or ever) is a technical problem...instead, it's something with hair on top like I talked about here. As with the hype over the Target breach and the gloom and doom over Windows XP's end ...

  • 09 Apr 2014

    Windows XP: Goodbye my love…well, not really.

    Windows XP...ah, the memories! I wrote many of my books including the first two editions of Hacking For Dummies and the first edition of The Practical Guide to HIPAA Privacy and Security Compliance originally on Windows XP - not to mention countless articles, security assessment reports and more over a 7-8 year span. It was nice working with you XP! I waited to write this post today, the day after all the Windows ...

  • 25 Mar 2014

    68% of workers do this…and we wonder why we have security problems!

    I've always believed that information security is a people problem that goes deep into the psychology of how we think. Here's a great example...starting at 0:24: http://johnmaxwellteam.com/industrious/ This is the basis for why our so-called leaders rise to power, why there's a gap between the haves and have-nots, and why so many "ailments" afflict society. Many people simply don't believe in themselves and have no desire or motivation to get any better. ...

  • 19 Feb 2014

    Step up or step aside, somebody needs to fix your security woes

    I just got off of a phone call with some friends/colleagues where we were discussing the latest security trends. After talking it occurred to me that we're basically going backwards in time with information security. It seems with the Target breach, stupid passwords people are still using in 2014, and even today's new SANS-Norse healthcare security report, it just keeps piling up as if nothing works. But it can work - if ...

  • 22 Nov 2013

    A great infosec quote

    The late (and great) Jim Rohn once said: “If you really want to do something, you'll find a way. If you don't, you'll find an excuse.” Oh my...so many information security tie-ins. ...

  • 12 Aug 2013

    You can’t see the light ’til you open your eyes…

    I noticed a lot of interesting topics/news coming from the Black Hat conference last week such as: SSH Communications Security Unveils General Availability Of SSH Risk Assessor Tool; Preparing For Possible Future Crypto Attacks; Crack of mobile SIM card crypto and virtual machine features could let an attacker target and clone a phone; HTTPS Hackable In 30 Seconds: DHS Alert. No doubt, these are all worthy topics that will help improve information security over the ...

  • 21 May 2013

    The next time you’re feeling bullied…

    Ever have a psychopathic executive (in IT or otherwise) try to force you to do something you simply can't support, railroad you down the wrong path, or attempt to make you feel inferior? You're not alone - I see and hear about this a LOT. There are many people pretending to be leaders who are simply insecure in their jobs so they try to flex their muscle to put up ...
