• 16 Nov 2018

    Fortinet study on CISOs and the security skills gap

    We hear a lot about the information security skills gap but what does that really mean? Actually it means a lot of different things to different people. Check out this Ziff Davis webinar on which I recently served as a panelist. We had a great discussion and the study commissioned by Fortinet is very telling about what employers are looking for and what jobseekers believe that they bring to the ...

  • 24 Jul 2018

    Check out my webinar on the big risks involving unstructured information – 2pm ET today (reading assignment links)

    Join me today at 2pm ET for my Ziff Davis webinar Addressing the Security Risks Around Unstructured Information, sponsored by Citrix ShareFile. Unprotected files scattered about the network environment are one of the biggest vulnerabilities I see...and they continue to create tangible business risks for every organization. I'll talk about the risk, share some examples of what I'm seeing in my work performing security assessments, and provide some ideas on ...

  • 17 Jul 2018

    Join me at 2pm ET today for a discussion on data breaches + reading assignment links

    The data breach numbers we see in the studies and headlines every year (day!?) are pretty amazing... It's clear that we have not just an IT challenge on our hands but a true business problem... What's behind all of the incidents and breaches? Why does it seem to be getting worse? Is there anything that can be done about it? Well, that and more is what I'll be discussing in my ...

  • 21 Sep 2016

    Join me along with ISACA and TechTarget today to learn about how to advance your infosec career!

    I'm happy to announce that I'll be joining ISACA and TechTarget for their annual online security seminar - a day-long learning event for IT and information security professionals. My session this afternoon, which starts at 3:30pm ET, will be I Can Do versus I Have Done...Certification, Experience, and the Information Security Career Path. You can register by clicking the image or via this link: http://www.bitpipe.com/data/document.do?res_id=1469026420_560 I hope to ...

  • 27 Aug 2014

    My new webcast on securing your Web environment against denial of service attacks

    I saw a recent study that found that distributed denial of service attacks are getting larger and larger. The thing you need to be thinking about is how you're going to prevent and respond when your Web presence becomes a target. Well, good timing, because I just recorded a new webcast for my friends at SearchSecurity.com on this very topic... In Proven Practices for Securing Your Website Against DDoS Attacks, I have a ...

  • 18 Jul 2014

    How to communicate Web security to management, must-have security testing tools, and compliance in the cloud

    Check out these new pieces I've written and recorded on Web application and cloud security. If you follow the things I recommend on communication (first three links), you can absolutely transform your information security program and the way that people perceive you as an IT professional. Communicating with Management about Web Security, Part 1 - Knowing What You're Up Against; Communicating with Management about Web Security, Part 2 - Prioritization and Sending ...

  • 18 Oct 2013

    What you need to know about security vulnerability assessments (that no one is willing to share)

    I'd love it if you'd join me over at SearchSecurity.com next week where I'll be talking about the rest of the story regarding security assessments... You know the tools and you're probably familiar with the methodologies... that's why I'm going to share with you many other important aspects of security assessments that, unless someone tells you, you'll likely only learn the hard way. And that's no fun. In my webcast What you need ...

  • 23 Apr 2013

    Wednesday (early) morning’s webcast: State of Cyber Security 2013

    ISACA and TechTarget are putting it on... It starts tomorrow (Wednesday) morning at 7:45am ET. Several thousand people will be in attendance... it's the largest crowd I've ever spoken to. It'll be engaging. It'll be informative. You'll hear what I really think about Obama's Cybersecurity mandates. You can't miss it. I'll be kicking things off with the keynote... then I'll be followed by some true information security experts: Theresa M. Grafenstine, Inspector General U.S. House of Representatives; Dr. ...

  • 12 Feb 2013

    Mobile app security testing – are you checking for all the flaws?

    I plan to write a related post soon on my mobile app security assessments. In the meantime, I wanted to share a tool with you that plays a key role in mobile app security: Checkmarx CxDeveloper (or perhaps more appropriately called CxSuite). If you're a developer, QA professional, security manager, or IT generalist, this is a good tool to have for all of those gotta-have-now apps that everyone is throwing together ...

  • 24 Jul 2012

    This week’s webcast on common sense security

    Join me and Phil Owens of GFI tomorrow (Wednesday July 24, 2012) as we wax poetic about what it really takes to have a reasonable layered security defense against malware: "Defense in Depth: The Layered Approach to IT Security". Crashed systems, data theft, decreased productivity, revenue loss, reputation loss – today’s malware threats can cause critical damage to your business. IT professionals, now more than ever, need a method of in-depth protection ...
