If you've watched the animated TV show, South Park, you'll appreciate this. I just came across an article titled The Importance of Respecting Expertise in IT Professionals by Michelle Rakoczy. It's a thoughtful and well-researched piece on why people outside of IT need to respect the guidance/opinions of IT professionals (yet often don't). In my years of information security consulting and observing human behaviors as they relate to the field, ...
We hear a lot about the information security skills gap but what does that really mean? Actually it means a lot of different things to different people. Check out this Ziff Davis webinar on which I recently served as a panelist. We had a great discussion and the study commissioned by Fortinet is very telling about what employers are looking for and what jobseekers believe that they bring to the ...
I've always believed that poor communication can make or break an information security program. So many times, I witness IT and security professionals failing to get their messages across to their audience and, worst of all, talking down to the very people whom they should be lifting up. I've written about it many times over the years: https://searchenterprisedesktop.techtarget.com/tip/Ten-ways-to-sell-security-to-management https://searchwindowsserver.techtarget.com/tip/Working-in-IT-Simple-steps-to-get-users-on-your-side https://it.toolbox.com/blogs/itmanagement/the-one-skill-worth-mastering-in-it-052814 George Bernard Shaw said something that applies nicely: “The problem ...
The data breach numbers we see in the studies and headlines every year (day!?) are pretty amazing... It's clear that we have not just an IT challenge on our hands but a true business problem... What's behind all of the incidents and breaches? Why does it seem to be getting worse? Is there anything that can be done about it? Well, that and more is what I'll be discussing in my ...
I recently consulted with a client on the SEC and Equifax breaches and had some thoughts that I left with that I wanted to share here: Your security program is only as good as your day-to-day processes and people. No amount of policies, plans, and technologies is going to prevent you from getting hit. Reactive security is apparently the new norm, at least according to SEC chairman Jay Clayton. I ...
Fairly recently, Rapid7 took their vulnerability management platform up to the next level with their analytics platform called Rapid7 Insight. It's beneficial for an independent consultant like myself and even more useful for enterprises with IT environments of growing complexity. Rapid7 Insight is marketed as a way to bring together the Nexpose vulnerability research, Metasploit exploits, global security intelligence and exposure analytics into a single system that can help ...
From ransomware to IT and security leadership and careers - they all sort of go hand-in-hand. Here's some new content for you to check out: Five ways to prevent a ransomware infection through network security An unfunded mandate is not a mandate How top IT pros stand apart Using unrealized IT talent to your advantage Great ways to get management on your side with application security The side-effects of miscommunication ...
It's a reality of using computer systems today - the threats are out there waiting to pounce, especially onto that low-hanging fruit that so many businesses overlook. Here are some pieces I've written in the recent past that address incident response, data breaches, and the like: Figuring out what happened after a data breach Questions that must be answered once a security breach occurs Six endpoint management lessons from POS ...
Back in 2007 I wrote a blog post on what it's going to take to encrypt laptop hard drives. After seeing this recent story about Children's Hospital Los Angeles, I can't help but shake my head. The 0 comments on this article say a lot as society is becoming immune to these breaches... I think I've heard it called breach fatigue - it's not unlike presidential politics as of late! In 2007, these ...
Welcome to 2017! It's another year and another great opportunity to get security right in your organization. As you return to work with a cleared mind and good intentions, building (or maintaining) an effective information security program in the New Year is not unlike my favorite passion: car racing. You not only need to get off to a good start but you also need to keep up your momentum... lap after lap ...