• 01 Feb 2010

    Relying on users to wipe out wimpy passwords??

    I just came across a Dark Reading piece by Adrian Lane on wiping out wimpy passwords. Adrian says that user training is needed so people know how to create strong passwords. I'm not picking on you, Adrian, but this has become a downright ridiculous approach, one that's been proven time and again not to work. My take is if you have to set your users up for success and, therefore, ...

    Continue Reading...
  • 22 Jan 2010

    What are your thoughts on Web hosting / colo providers?

    Better think things through when giving up the reins and letting a third-party Web hosting or colo provider run the show:
    When using a Web hosting provider can be bad - really bad - for your business
    You'd think Network Solutions would have better security controls in place.
    When will people pull their heads out of the sand? Maybe never??
    Speaking of this specific vulnerability, here's a recent bit I wrote on Acunetix's blog ...

    Continue Reading...
  • 22 Jan 2010

    My latest information security content

    Here are my latest information security articles and a podcast focusing on Web security and document security. Enjoy!
    First, my Web security articles:
    Changes coming to the OWASP Top 10 in 2010 (read the comments too, I stirred the puddin' with this piece!)
    Free Web proxy tools you need to get to know
    Securing Web servers in Windows environments
    ...and a document security podcast (this is a really interesting story if you haven't heard about ...

    Continue Reading...
  • 15 Jan 2010

    I’m featured in the new issue of Entrepreneur Magazine

    Check this out. I'm featured in the January 2010 issue of Entrepreneur Magazine's Ask A Pro section where I talk about employee monitoring:
    Entrepreneur Magazine, January 2010. © 2010 By Entrepreneur Media, Inc. All rights reserved. Reproduced with permission of Entrepreneur Media, Inc.
    In this piece, it may not be clear whether or not I support monitoring of employee email, so let me clarify. I'm not for micromanagement and Big Brother but ...

    Continue Reading...
  • 07 Jan 2010

    Great information security quote

    This sends a message, huh?:
    "All that is necessary for the triumph of evil is that good men do nothing." - Edmund Burke
    It's not just applicable to information security - it also applies to the War on Islamic Terrorism...ahem, I mean "Man-Caused Disaster"....

    Continue Reading...
  • 04 Jan 2010

    My latest security content

    Here's some more new information security content - stuff on network administration, employee monitoring, checklist audits, and more. Enjoy!
    How to get - and keep - user support with security
    How to get management on board with Web 2.0 security issues
    Underlying causes of inconsistent patch management
    Are your IT administrators trustworthy?
    Monitoring user activity with network analyzers
    Priorities for your sound regulatory compliance management policy
    Go beyond a checklist audit for ...

    Continue Reading...
  • 17 Dec 2009

    “Top Blogs” list & some home security considerations

    I think I may have found the first sign that my blog is growing and gaining some traction. I've made it to the Top 20 Home Security Bloggers list. Many thanks to Adrienne Carlson for this. There are some other interesting blogs on her list, so check it out.
    Speaking of home security, here's something to consider while home with your family over the holidays. Many believe we have a "right" ...

    Continue Reading...
  • 16 Dec 2009

    How Tiger Woods’ marriage is like risk management

    In the seemingly unavoidable media drone tirades hammering Tiger Woods and his marital situation, I realized the tie-ins that such high-profile marriages have with what we do in the information security field. It boils down to two things:
    It's all about the money
    The focus going in is on who can get the most out of it - "what's in it for me?"
    We see this all the time when it comes to ...

    Continue Reading...
  • 01 Dec 2009

    Funny thing about notices of privacy practices

    I just received a "notice of insurance information practices" from my health insurance provider that says something to the effect of:
    "ALL INFORMATION CONFIDENTIAL. We're required by law to keep your information confidential. It will be seen only by our employees and authorized business associates."
    Really? Pretty gutsy statement from any business, but especially one that's already been listed on the Chronology of Data Breaches....

    Continue Reading...
  • 20 Nov 2009

    “Computer glitch” always to blame for someone’s bad choices

    Here's my two cents on the people failure - I mean "computer glitch" - at Atlanta's Hartsfield airport yesterday. Gotta blame something...
    Hartsfield outage: "Computer glitch" or FAA "people failure"?...

    Continue Reading...