• 16 Sep 2010

    Article 2, Section 1: Employees shall not be allowed to defend themselves

    Here's an interesting scenario of company policy versus state law. Regardless of the interpretation and how it turns out, way to go Iron Mountain for making it known your employees are unarmed! In the same spirit of those "zero tolerance" school zones that tell the bad guys that there's no one there to defend themselves, this kind of stuff is absolutely mindless....

  • 26 Aug 2010

    Good new book on security awareness

    I have to admit, when my colleague Marcos Christodonte first approached me about reviewing his new security awareness book, Cyber Within, I thought here's yet another book on boring old security awareness. I was wrong. Cyber Within takes a very unique (suspense novel-like) approach to address the problem we have with employees and information security. And it works. The book is a quick read - just 47 pages - but it's ...

  • 25 Aug 2010

    500 million and counting…

    I just received a press release from Beth Givens at the Privacy Rights Clearinghouse stating "500 Million Sensitive Records Breached Since 2005". 500 million+ known records that have been compromised in 5.5 years in the U.S. alone due to people in organizations large and small making poor choices about information security and privacy! Simply amazing. If you haven't seen the Chronology of Data Breaches, check it out. It's fascinating. The problem ...

  • 24 Aug 2010

    Relentless incrementalism

    I don't know who coined the term "relentless incrementalism" but it's very fitting when it comes to information security. In the context of what we do, relentless incrementalism means doing small things over time that add up to big outcomes in the long term. All of us - management included - have to understand that security is not a one-time deal. Nor is it a product or a "compliant" status. It's ...

  • 23 Aug 2010

    Panic is not a strategy

    Seriously...it's not. In this new piece I wrote for Security & Technology Design magazine, I talk about the lack of incident response planning being one of, if not the, biggest risks in any given organization...and what you can do about it: Incident response: The biggest security gaffe of all? If anything, never forget what Captain Chesley Sullenberger said after he landed U.S. Airways flight 1549 into the Hudson River last year: "I didn't have ...

  • 23 Aug 2010

    Common sense counts the most

    A great quote I heard over the weekend has a direct tie-in to what we focus (or don't focus) our efforts on in information security. NASCAR champion Ned Jarrett said: "There's nothing stronger when you're trying to get something done than common sense." I couldn't agree more. In the realm of IT and managing information risks, I'll take common sense over book smarts any day....

  • 19 Aug 2010

    How dare we question our rulers!?

    I've kept my mouth shut about this long enough. Why aren't more Americans standing up against this mosque at ground zero nonsense!? The mosque is clearly nothing more than a symbolic mark of victory on our soil by the very group that's trying so hard to bring our society down. And our own government is facilitating this. Where is our country headed when one of our "rulers" says that any opposition ...

  • 12 Aug 2010

    Apple’s iPad – a forensic investigation in the making?

    Here's a new piece I wrote for SearchCompliance.com regarding the realities and risks of iPads in the enterprise: Enterprise iPads: Compliance risk or productivity tool? Simply put, they're not all that different than other mobile computing devices, but they do bring something unique to the table... Speaking of "i" devices in the enterprise, here's a great read I saw recently in Information Week that outlines a scenario that's at the root of ...

  • 11 Aug 2010

    Great information security quote (don’t believe the hype)

    There's a Japanese proverb that fits nicely into infosec: "If you believe everything you read, perhaps it's better not to read." Be it F.U.D., vendor hype, or "experts" who claim the sky is falling with every new exploit they uncover - you ultimately need to focus on doing what's best in your environment under your terms....

  • 09 Jul 2010

    The reactive nature of policies that people ignore

    I got stuck in a traffic jam while passing through the famous and lovely town of Kennesaw, GA yesterday because of this inattentive truck driver trying to cross a raised railroad crossing: I wonder what part of the No Trucks sign he didn't understand. There's another sign out of the frame that warns truckers of a $1,000 fine if they cross there. Ouch! This situation can be compared to the disconnected and ...
