I recently received this press release regarding Ole Miss offensive tackle Laremy Tunsil's Twitter account and how it affected his NFL draft: Amazing. Will someone please tell me how the consequences of basic security weaknesses surrounding social media, passwords, and malware do not impact us all personally and professionally....
For years now, I've ranted here and elsewhere about the nonsensical niche security "flaws" uncovered by researchers and academic scholars that often have no real bearing on business or society. There are always caveats, always reasons why these super-complicated exploits won't work, yet they make the headlines time and again. The recent Waze app discovery is a great example: "Vulnerability in Google's Waze app could let hackers track you, researchers say" Look ...
I'm a little late to pull the trigger on this but felt compelled to ask the question nonetheless: Will Verizon include its recent breach in its (presumably) forthcoming Data Breach Investigations Report? ... It's related to this press release I received ~3 weeks ago:...
I just saw this post on Slashdot about 0bama saying that classified means whatever it needs to mean. It reminds me of how data classification is treated as an information risk management function in the enterprise: mostly non-existent: Data classification programs that do exist are typically a joke whereby IT and security handle everything with no involvement from the business or legal, or legal handles everything with IT and security being ...
Here are some articles and guest blog posts I've written for my friends at TechTarget, Ziff Davis, AlgoSec, and Rapid7: The following are some new articles I've written for TechTarget and Ziff Davis. Enjoy!
Maybe there is a patch for stupid
Six areas of importance in the PCI Penetration ...
The fifth-annual Worst Passwords List put out by SplashData is here and the findings aren't terribly surprising. Here are the top five:
#1: 123456
#2: password
#3: 12345
#4: 12345678
#5: qwerty
Good stuff! What's that quote about insanity? One of those security basics that we'll likely continue to ignore until the end of time. That's alright, as some of the best sideline analysts will proclaim: we need not focus on such trivial things. Well, they ...
Here's an excellent quote about business execs I just came across from management expert Peter Drucker. It could certainly apply to IT and security professionals just the same: "The most common cause of executive failure is inability or unwillingness to change with the demands of a new position. The executive who keeps on doing what he has done successfully before is almost bound to fail." ...in other words, if you keep doing ...
I'm often wrong about many things in life...just ask my wife. However, I'm feeling a bit vindicated regarding my long-standing approach to information security: address the basics, minimize your risks. You see, more and more research is backing up what I've been saying for over a decade. It's what was uncovered in the new Cisco 2015 Annual Security Report. [i.e. "Less than 50 percent of respondents use standard tools such ...
I know it's painful to listen to our Ruler wax poetic about how great things are in America and how he's going to continue transforming society for the better...so just in case you missed last night's State of the Union and proposed initiatives, his regime wishes to "better secure" the Internet and our networks by making changes to the Computer Fraud and Abuse Act (CFAA). Here are some good reads ...
I race cars for fun and sport and found out the hard way not long ago that if I wanted to increase my life insurance I was going to have to jump through numerous hoops and pay enormous premiums for a minimal increase in my existing coverage. I was thinking about this scenario compared to 'cyber insurance' and, wow, what a difference. Knowing what I know, there appear to be minimal ...