• 26 Jun 2008

    Good management yet bad results? No way!

    I was watching my favorite TV channel yesterday (SPEED) and heard well-known racer Tommy Kendall say something that struck a chord. He was actually quoting Carlos Ghosn, head of Renault, who said: "There's no such thing as good management with bad results." I immediately thought, hey, this ties into what I do for a living. Many, many people believe they have information security under control yet time and time again they come up ...

  • 25 Jun 2008

    Ignorance is bliss when it comes to patching database servers

    I just saw this bit today on SearchSecurity.com about admins not patching database servers. So, it's not just me that sees ignorance in action when it comes to admins not wanting to patch their database servers. I can't tell you how many times I've found database flaws directly-exploitable from the inside all because an admin didn't want to patch the system. I'm talking about full command prompt access to database ...

  • 17 Jun 2008

    One more thing Representative Wolf…

    In regards to my post yesterday about your calling out for better computer security at the Federal level, you may want to consider hardening your systems with the OMB Federal Desktop Core Configuration Checklists found at the following link: http://nvd.nist.gov/ncp.cfm?fdcc_chklst US taxpayers have funded this and other great security documents for people just like you....

  • 17 Jun 2008

    Thought for the day on security policies

    Here's an interesting quote I just came across that fits nicely into the mold of security policy management and enforcement: "The test for determining the scope of this provision must not be subject to manipulation by those whose power it is designed to restrain." - from the Supreme Court's decision restoring the writ of habeas corpus...

  • 16 Jun 2008

    So, when it happens to YOU it deserves attention…?

    So, U.S. Representative Frank Wolf's computers have gotten hacked into... Now he's wasting everyone's time on the House floor by calling for greater protection of congressional computer and information systems. What a dummy! Mr. Wolf: computers are getting hacked left and right day in and day out in business and in government. So now that you've been victimized we all of a sudden need tighter controls!? How about obeying your own law ...

  • 11 Jun 2008

    100% Secure Site? Yeah, right…

    I was ordering some Aqua Globes today (I don't normally fall for these as-seen-on-TV products but this one seems to fit a need I have) and saw on their site a bold statement of "100% SECURE SITE". You can see it here. Apparently the same folks that have infiltrated other e-commerce sites claiming "HACKER PROOF". Wow - what a BOLD statement! I wonder how often they test their site/application using automated scanners ...

  • 08 Jun 2008

    The essence of security policies in most organizations

    I just came across this quote which really stood out as a concise analogy of information security policies in most organizations: "The United States is a nation of laws: badly written and randomly enforced." - Frank Zappa. And people wonder why they still have security problems...

  • 05 Jun 2008

    When handling sensitive encrypted data – don’t just unencrypt it

    Here's a prime example of just how encryption/change management/policies/whatever else mean nothing when someone makes a bad decision related to information security. Why was this sensitive information unencrypted when it was moved to a new system? Hint Mr. Contractor: all it takes to easily re-encrypt sensitive data is something as basic as Winzip. If you have to decrypt it to use it...then just re-encrypt when you're done. If you're ever caught ...

  • 27 May 2008

    Serves him right?

    This is somewhat old news from last week but I've had it on my to-post list and just had to say something about it. Did you hear about the founder/CEO of LifeLock, Todd Davis? He's the guy with all the radio ads who gives away his social security number to help prove his fraud-prevention service is secure. Well, apparently someone duped him. Huh, you don't say!? Every single time I heard ...

  • 21 May 2008

    Ridiculous government intrusion – Go ahead, cuff me & take me away

    Apparently our Big Government Federal prosecutors here in the U.S. are going to enforce Web site usage policies on behalf of the businesses who post them. According to this story, simply entering bogus information into online services could turn you into a Federal criminal. Wow. I would expect this from some countries, but I suppose, in reality, the U.S. isn't much different than any of the others in trying to ...
