• 26 Apr 2013

    Clueless in the cloud – think before you act

    A recent Network World piece about an RSA 2013 panel that covered cloud forensics and whether or not your cloud providers will be able to come through for you in the event of a lawsuit or breach bringing some critical pitfalls of cloud computing.  Two things are certain:If you're lucky enough for your business to be around for the long haul, odds are that it'll ultimately be hit with a ...

    Continue Reading...
  • 03 Apr 2013

    Regardless of the subject, people see what they want to see

    Here's a great quote by Jay Abraham that resonates with IT, information security, politics - you name it:"An amazing thing, the human brain. Capable of understanding incredibly complex and intricate concepts. Yet at times unable to recognize the obvious and simple."...

    Continue Reading...
  • 28 Mar 2013

    The idiocy of gun control summarized in a single graphic

    I reference "heads in sand" quite often regarding information security but no subject better summarizes this concept than people's willingness to let the government tell them when and where they can defend themselves and their families from criminal thugs. This graphic (source unknown) says it all:Ask anyone who's against self-defense, personal responsibility, and free will if they'd consider putting a sign in their yard or on their door that says ...

    Continue Reading...
  • 21 Jan 2013

    Student information systems rife with security flaws

    Here's an interesting story from Slashdot today about a college student being expelled after pointing out flaws in his college's student information system.What he's seeing is no surprise. Starting with my days working for IBM's EduQuest division, for the past 20 years or so I've seen numerous K-12 and higher education student information systems chock full of security flaws. Stupid, silly security flaws like SQL injection, cross-site request forgery, URL ...

    Continue Reading...
  • 21 Dec 2012

    IT security careers, committees, and corruption

    Here are some new pieces I've written on IT and security leadership (or lack thereof). Enjoy!What to do when the CIO gets in the way of enterprise IT securityHow to form a functional enterprise IT security committeeUnderstanding management gets your IT department what it needsFive Concepts for IT Security SuccessAs always, check out principlelogic.com/resources for links to all of my information security whitepapers, podcasts, webcasts, books, and more....

    Continue Reading...
  • 26 Nov 2012

    Fix for painful authenticated web vulnerability scans requiring MFA

    Authenticated web security scans are one of the most frustrating parts of web security assessments. I mean they're downright painful, oftentimes seemingly impossible - especially if multi-factor authentication (MFA) technology is in use. Yet authenticated scans are critically important. It's scary how many times I uncover serious flaws (i.e. SQL injection) while logged-in as a typical user of a web site/application. That is if I can get my web vulnerability ...

    Continue Reading...
  • 13 Nov 2012

    Are you doing enough to protect your secrets? It’s unlikely.

    If the person who heads the CIA can't keep his "secrets"; nothing's secret. It's as simple as that.What are you doing to ensure your intellectual property is protected?Lawyers will claim their contracts are enough. Management will leave their heads in the sand and claim their IT folks are handling it. Neither are enough.Fix the silly/ridiculous/inexcusable low-hanging fruit on your network and then put the proper technologies and procedures in place ...

    Continue Reading...
  • 25 Sep 2012

    Be it in healthcare or infosec, the short term is for losers

    With all the doctor & hospital visits I've gone (and am still going) through with family members in the past few years, I've come to the conclusion that many (most?) healthcare providers - especially those smart doctors society holds on a pedestal - absolutely cannot see the big picture. They can't think past the appointment time slot in which they're currently working, much less next year and beyond.Adding to the ...

    Continue Reading...
  • 21 Sep 2012

    Perhaps the biggest & most widespread security gaffe of all

    ...

    Continue Reading...
  • 16 Aug 2012

    You can’t buy security for $1, but some people will fall for it

    I recently deposited a check at a giant monster mega bank that's continually trying to sell me new services and the teller asked: "Would you like to buy identity theft protection for just $1 today?"Wow, really...so you're saying my personal information will be safe and secure for a mere $1...!? Amazing...but no thanks. Sadly, many in management are like the average consumer: they just don't realize what it takes to ...

    Continue Reading...

Success expert Brian Tracy shares his thoughts on Kevin:

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.