  • 23 Jun 2015

    HIPAA Security Rule compliance tips, advice, and resources

    There's a lot going on in the world of healthcare, including HIPAA compliance. This applies not only to healthcare providers, insurance companies, and the like but also any business and subcontractor that does business in this space. If you or someone you know falls under this umbrella, here are a few things I've written over the past several months that can help: What Security Professionals Need to Know about HIPAA; ‘Yes, HIPAA ...

  • 11 Jun 2015

    Great quote regarding people who are unable/unwilling to change

    Here's an excellent quote about business execs I just came across from management expert, Peter Drucker. It could certainly apply to IT and security professionals just the same: "The most common cause of executive failure is inability or unwillingness to change with the demands of a new position. The executive who keeps on doing what he has done successfully before is almost bound to fail." ...in other words, if you keep doing ...

  • 08 Jun 2015

    My latest information security content: truly *managing* your security program

    Check out the following information security management pieces I've written for Ziff Davis and IBM recently:
      • If there’s a will with information security there will be a way
      • Eight remarkable things you’re doing with security that you can make even better
      • Divulging sensitive info for a potential acquisition - good idea or bad?
      • Formidable Threats and Minimal Visibility - A Troublesome Combination
      • When vendor security vulnerabilities become your own
    Additional information security content ...

  • 29 May 2015

    What you (really) need to know about esophageal manometry

    Aside from my typical computer security-related blog posts, I thought I’d branch out and share something completely unrelated in hopes it can benefit others. Recently, I had the opportunity to endure the most difficult thing I’ve ever experienced as a forty-something male: esophageal manometry. It’s performed on patients suffering from gastroesophageal reflux disease (GERD). In short, the medical professional sticks one of these ~1/2" thick torture tubes up one of ...

  • 15 Apr 2015

    Don’t get blinded by the “small stuff” that’s hard to notice

    One of the core challenges you face in information security is getting so caught up in the minutiae of your network environment and day-to-day work that you end up not being able to see the bigger picture: what's really going on, what really needs attention, and what really matters. I've been writing about this for over a decade and I've yet to stop spreading the word...it's just too important a ...

  • 07 Apr 2015

    A core reason why security challenges go unresolved

    Constantly dealing with information security issues in your organization? It's really about dealing with management, peers, and subordinates. Here's some motivation: "The ability to deal with people is as purchasable a commodity as sugar or coffee, and I will pay more for that ability than for any other under the sun." -John D. Rockefeller If you're in search of other ideas on how to get (and keep) people on board with ...

  • 10 Mar 2015

    Using Checkmarx CxSuite to outline “the rest of the story” regarding application security

    When it comes to Web application and mobile app security, can you honestly say you know where everything stands... as American radio personality Paul Harvey used to proclaim - the rest of the story? You can run Web vulnerability scans, perform manual mobile app analysis, and the most in-depth penetration testing possible. You can look at things from the perspectives of unauthenticated attackers, trusted users, and all the angles in between ...

  • 09 Feb 2015

    Back to basics in information security? Proven year after year but (apparently) unattainable for many.

    I'm often wrong about many things in life... just ask my wife. However, I'm feeling a bit vindicated regarding my long-standing approach to information security: address the basics, minimize your risks. You see, more and more research is backing up what I've been saying for over a decade. It's what was uncovered in the new Cisco 2015 Annual Security Report. [i.e. "Less than 50 percent of respondents use standard tools such ...

  • 03 Feb 2015

    Great quote about making changes in infosec

    Here's something that the founder and CEO of FedEx, Fred Smith, said that ties in nicely with what we do (and see) in information security: "You are the way you are because that's the way you want to be. If you really wanted to be any different, you would be in the process of changing right now." Pause for a moment and ask yourself what you're doing to make some changes in information ...

  • 21 Jan 2015

    Øbama knows more about information security than we do

    I know it's painful to listen to our Ruler wax poetic about how great things are in America and how he's going to continue transforming society for the better... so just in case you missed last night's State of the Union and proposed initiatives, his regime wishes to "better secure" the Internet and our networks by making changes to the Computer Fraud and Abuse Act (CFAA). Here are some good reads ...
