-
09 Jan 2015Core human psychology principles are what hold us back with security
2015 marks my 26th year working in IT and my 20th year focusing on information security. I'm so fortunate to work in such an amazing field and even luckier to have gained some wisdom over the years that has allowed me understand the true challenges we face with information security! As much as the vendors, researchers, and criminal hackers want us to believe it's the threats that cause all the ...
Continue Reading... -
05 Aug 2014
Are you stuck in this information security rut?
Here's a new post I wrote for Rapid7's blog that I think you might like...There’s nothing really new in the world in which we work. Every problem you face in information security has already been solved by someone else. Why not use that to your advantage? There’s no time for baby steps in security. Sure, you need to “walk before you run” by thinking before you act. That comes in ...
Continue Reading... -
22 Apr 2014
6 reasons information security causes global warming
In keeping with the divorce and everything Capitalist or conservative causes "global warming" movement, how about this:Information security causes global warming (or cooling, or whatever it needs to be called today)I really believe we have a "crisis" on our hands and here's why: The need for IT security controls is a negative side-effect of Capitalism - man bettering himself if you will. If we didn't have computers and the Internet, ...
Continue Reading... -
09 Apr 2014
Windows XP: Goodbye my love…well, not really.
Windows XP...ah, the memories!I wrote many of my books including the first two editions of Hacking For Dummies and the first edition of The Practical Guide to HIPAA Privacy and Security Compliance originally on Windows XP - not to mention countless articles, security assessment reports and more over a 7-8 year span.It was nice working with you XP!I waited to write this post today, the day after all the Windows ...
Continue Reading... -
25 Mar 2014
68% of workers do this…and we wonder why we have security problems!
I've always believed that information security is a people problem that goes deep into the psychology of how we think. Here's a great example...starting at 0:24:http://johnmaxwellteam.com/industrious/This is the basis for why our so-called leaders rise to power, why there's a gap between the haves and have-nots, and why so many "ailments" afflict society. Many people simply don't believe in themselves and have no desire or motivation to get any better. ...
Continue Reading... -
08 Oct 2013
Windows 8.1 changes/enhancements, BitLocker’s improvements, and related Windows mobile/security tips
In addition to my independent information security assessments through my consultancy Principle Logic, I've been writing a ton...including a lot on Windows 8 and 8.1. Check out these new pieces published by my friends at TechTarget:What's old, what's new for the enterprise with Windows 8.1Understanding why Windows 8 for mobile is perfectly viable for enterprise use Don’t forget enterprise password protection in a merger or acquisition Three ways Sysinternals Process Explorer ...
Continue Reading... -
07 Mar 2013
Got Compliance? Here’s my way of reducing your pain just a bit.
It's been a while and the content is stacking up, so here's the first of many upcoming posts on new content I've written. This time up, it's a set of tips I've written for Ben Cole at SearchCompliance.com about that dreaded subject...you guessed it....compliance.Enjoy!Considering a career in compliance? Heed these warnings firstAudits, maintenance crucial to business continuity policy successControl, visibility essential to records management and complianceBeware the perils of organization-wide ...
Continue Reading... -
21 Dec 2012
IT security careers, committees, and corruption
Here are some new pieces I've written on IT and security leadership (or lack thereof). Enjoy!What to do when the CIO gets in the way of enterprise IT securityHow to form a functional enterprise IT security committeeUnderstanding management gets your IT department what it needsFive Concepts for IT Security SuccessAs always, check out principlelogic.com/resources for links to all of my information security whitepapers, podcasts, webcasts, books, and more....
Continue Reading... -
10 May 2012
-
22 Mar 2012
Don’t underestimate the value of firewall rulebase analysis
Are firewalls sexy? No...but you must understand that they're an integral part of your overall information risk equation. From configuration flaws to rulebase anomalies to overall system inefficiencies, your firewall rulebases can make or break security, business continuity and other critical parts of your IT operations.Last week, AlgoSec's Nimmy Reichenberg and I recorded a webinar titled How to Automate Firewall Operations, Simplify Compliance Audits and Reduce Risk that you may ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
