• 14 Aug 2013

    Municipal information security weaknesses, hacking, careers, & committees

    Here's some new content I've written recently on various information security topics you might be interested in:Government Security: Uncovering Your Weaknesses (common vulnerabilities I see when performing security assessments for municipalities)Eight questions to ask yourself before moving to C-suite management (are you really sure you want to do this!?)IT career paths: Working for yourself is an attainable dream (if you want to stop working for the man)Top 9 ways to ...

    Continue Reading...
  • 12 Aug 2013

    You can’t see the light ’til you open your eyes…

    I noticed a lot of interesting topics/news coming from the Black Hat conference last week such as: SSH Communications Security Unveils General Availability Of SSH Risk Assessor ToolPreparing For Possible Future Crypto AttacksCrack of mobile SIM card crypto and virtual machine features could let an attacker target and clone a phone HTTPS Hackable In 30 Seconds: DHS AlertNo doubt, these are all worthy topics that will help improve information security over the ...

    Continue Reading...
  • 18 Jul 2013

    Authenticated vulnerability scan pains…Rapid7 to the rescue.

    Apparently the folks at Rapid7 have people working on their Nexpose team that have actually performed security assessments for a living. You see, Nexpose has this seemingly trivial feature that can create a world of difference in the life of a security practitioner - it's part of the Site Configuration (i.e. scan settings) called Test Credentials as seen in the following screenshot: Sanity brought about by people who use their own ...

    Continue Reading...
  • 16 Jul 2013

    Never forget this

    Although we strive to get others on our side, here's a good reminder from the late Richard Carlson that applies to IT and information security that we should always keep in mind:"The sooner we accept the inevitable dilemma of not being able to win the approval of everyone we meet, the easier our lives will become". Speaking of building your confidence and independence, here are some new articles I've written ...

    Continue Reading...
  • 15 Jul 2013

    Infosec-related quote that strikes a chord

    I always love bringing philosophy, leadership, and personal responsibility into the information security discussion and here's one of the best quotes I've come across that resonates across all industries and businesses large and small:"To see what is right and not do it is a lack of courage." - ConfuciusWhat can you say to that...?Let this be the fire within that you use to get (and keep) the right people on ...

    Continue Reading...
  • 04 Jun 2013

    The root of every infosec failure is…

    Time management expert Alec McKenzie once said what could be the most profound statement ever that applies directly to what we do (or don't do) in information security:"Errant assumptions lie at the root of every failure."How's your security program looking today?...

    Continue Reading...
  • 24 May 2013

    Quoted in the Wall Street Journal this week

    I was quoted in the Wall Street Journal (Tuesday May 21 edition)...it's a piece written by Gregory Millman talking about how senior executives are often at the root of information security problems. Check it out:Corporate Security's Weak Link: Click-Happy CEOs Top Bosses, Exempt From Companywide Rules, Are More Likely to Take Cyber-Attackers' BaitAs I've written in the past, this is a big problem in businesses both large and small based on what ...

    Continue Reading...
  • 21 May 2013

    The next time you’re feeling bullied…

    Ever have a psychopathic executive (in IT or otherwise) try to force you to do something you simply can't support, railroad you down the wrong path, or attempt to make you feel inferior? You're not alone - I see and hear about this a LOT. There are many people pretending to be leaders who are simply insecure in their jobs so they try to flex their muscle to put up ...

    Continue Reading...
  • 18 May 2013

    Web security answers are changing – a frustrating, challenging, and humbling journey

    In reading one of Brian Tracy's books, Brian discusses a story of Albert Einstein and an exam he gave to his graduate physics class at Princeton University. After the exam, Dr. Einstein was approached by a student who asked: "Dr. Einstein, wasn't that the same exam that you gave to this physics class last year?" Dr. Einstein replied "Yes, it was the same exam as last year." The student then ...

    Continue Reading...
  • 02 May 2013

    Is your approach to application security based in reality?

    I know I say this a lot here - I've been so busy writing that I've been remiss in posting my actual content. So...I've got some content on web and mobile application security and penetration testing this time around.You see, there are so many researchers, theories, and academic approaches to web and mobile security that it's simply overwhelming. Much of it doesn't apply to what businesses really need to be ...

    Continue Reading...

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO CISSP cities coronavirus covid-19 cybersecurity data breaches eagle syndrome hacking Hacking For Dummies health helmet communications incident response information risk keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements sql injection tethered spinal cord time management underimplemented vulnerability and penetration testing web security zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.