-
08 Oct 2014What no one is saying about cyber insurance
I race cars for fun and sport and found out the hard way not long ago that if I wanted to increase my life insurance I was going to have to jump through numerous hoops and pay enormous premiums for a minimal increase in my existing coverage. I was thinking about this scenario compared to 'cyber insurance' and, wow, what a difference. Knowing what I know, there appear to be minimal ...
Continue Reading... -
08 Oct 2014
My trip to the 2014 ISC^2 Congress
Last week I had the opportunity to attend the ISC2 Congress in Atlanta. It was held in conjunction with that physical security organization. When I arrived to walk the show floor, it was nothing but physical security vendors - as far as the eye could see. After about 45 minutes (sans program guide), I discovered where the information security vendors where. There were about five of them and they were ...
Continue Reading... -
19 Sep 2014
Resources to get up to speed with the latest HIPAA security requirements
Check out the newly-revised second edition of the book I just finished co-authoring with Rebecca Herold that's due out October 21st: Be sure to check out my other IT security compliance resources on my website. Enjoy!...
Continue Reading... -
17 Sep 2014
What if The Home Depot looked to their own store policies for help with infosec?
If The Home Depot's management were as strict with information security as they are with store policies I'm confident they could've avoided their data breach.Have you heard their policy monger guy on their intercom system while shopping?? He sounds like that guy we've seen in those disturbing Allstate commercials. A bit creepy. It's also quite uninviting - certainly doesn't make you feel welcome in their stores.At least they've covered their ...
Continue Reading... -
10 Sep 2014
Magnasphere and the physical security vulnerability you may not know about
If you have an alarm system that's dependent on the decades-old reed switches like the one pictured below, you should know they can be easily defeated with a mere compass and a magnet. It's pretty eye-opening...Certainly a good reason to have two, three, or (depending the country you live in and your stance on self-defense) more layers of security in your building or home! :-)A good option for beefing up ...
Continue Reading... -
02 Sep 2014
Bits & pieces on the 2014 Home Depot data breach
The news of the new Home Depot credit card breach combined with me being based in Atlanta as well, I feel compelled to share some links to some of the recent pieces I've written about point-of-sale and retail information security in hopes that a nugget or two might prove beneficial to someone out there...here they are:The Target Breach – Can It Be Prevented?Six endpoint management lessons from POS security breachesSecurity ...
Continue Reading... -
28 Aug 2014
The latest Android / Gmail security flaw & why people don’t take IT & security seriously
You may have heard about the recently-discovered Android exploit that makes Gmail vulnerable to criminal hackers. I read it over and realized that I have to use this opportunity share an example of what I talk about when "researchers" claim that all is bad in the world because of the latest and greatest exploit impacting whatever software or device they've discovered.This Android/Gmail finding in particular is a great example of ...
Continue Reading... -
27 Aug 2014
My new webcast on securing your Web environment against denial of service attacks
I saw a recent study that found that distributed denial of service attacks are getting larger and larger.The thing you need to be thinking about is how you're going to prevent and respond when your Web presence becomes a target.Well, good timing, because I just recorded a new webcast for my friends at SearchSecurity.com on this very topic...In Proven Practices for Securing Your Website Against DDoS Attacks, I have a ...
Continue Reading... -
22 Aug 2014
CISOs, lawyers, awareness training, and other infosec blunders you need to know about
I've been super busy putting my twisted thoughts on paper...here are a few pieces you might enjoy:When your lawyer becomes your CISO The compliance crutch holding up Corporate AmericaThe fallacy of information security awareness and trainingThe one skill worth mastering in ITQuantifying the disconnect between the business and securityThe critical item that’s missing from most IT security programsWhat's your one hot button security item? Top detractors of security oversight The funny ...
Continue Reading... -
19 Aug 2014
CommView for WiFi – a great option for wireless network analysis
Several years ago I wrote about the neat WEP/WPA recovery tools offered as part of TamoSoft's wireless network analyzer called CommView for WiFi. Well, those tools are no longer available but CommView for WiFi is as relevant as ever. I've been using it for years. It seems that it hasn't changed a ton other than some UI and packet analysis enhancements - probably just oversights on my part since I ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
