A recent Network World piece about an RSA 2013 panel that covered cloud forensics, and whether or not your cloud providers will be able to come through for you in the event of a lawsuit or breach, brings up some critical pitfalls of cloud computing. Two things are certain: If you're lucky enough for your business to be around for the long haul, odds are that it'll ultimately be hit with a ...
ISACA and TechTarget are putting it on... It starts tomorrow (Wednesday) morning at 7:45am ET. Several thousand people will be in attendance... it's the largest crowd I've ever spoken to. It'll be engaging. It'll be informative. You'll hear what I really think about Obama's Cybersecurity mandates. You can't miss it. I'll be kicking things off with the keynote... then I'll be followed by some true information security experts: Theresa M. Grafenstine, Inspector General U.S. House of Representatives; Dr. ...
I recently decided to convert my Thunderbird email to Outlook and didn't have a lot of luck finding a tool that actually worked. Maybe it's because I have a pretty complex Thunderbird configuration with emails dating back to the first messages I sent/received using Netscape Mail (remember that from the 1990s?). I came across a tool that was a perfect fit for what I needed: Aid4Mail Professional by Fookes Software. It ...
Here's a great quote by Jay Abraham that resonates with IT, information security, politics - you name it: "An amazing thing, the human brain. Capable of understanding incredibly complex and intricate concepts. Yet at times unable to recognize the obvious and simple."...
I reference "heads in sand" quite often regarding information security but no subject better summarizes this concept than people's willingness to let the government tell them when and where they can defend themselves and their families from criminal thugs. This graphic (source unknown) says it all: Ask anyone who's against self-defense, personal responsibility, and free will if they'd consider putting a sign in their yard or on their door that says ...
If you can't convince them, confuse them. That's what Harry Truman once said and it reminds me of many IT and information security professionals. They struggle to communicate effectively so they just take the lawyer route and attempt to make things even more confusing... and we wonder why many people outside of IT don't take us very seriously....
It's been a while and the content is stacking up, so here's the first of many upcoming posts on new content I've written. This time up, it's a set of tips I've written for Ben Cole at SearchCompliance.com about that dreaded subject... you guessed it.... compliance. Enjoy!
Considering a career in compliance? Heed these warnings first
Audits, maintenance crucial to business continuity policy success
Control, visibility essential to records management and compliance
Beware the perils of organization-wide ...
If you use WordPress, take note. My colleague Robert Abela, one of the foremost experts on WordPress security, has a new course at Udemy.com on Securing a WordPress Blog or Website for Beginners that you should check out. The course costs $15. When you use the coupon code OnWheels, you'll receive a $5 (33%) discount. Don't let your guard down because "it's just a marketing site". WordPress-based sites can have ...
I wrote recently about performing source code analysis for mobile apps. I'm seeing some crazy stuff that I didn't think I'd see in mobile apps (but I'm not really surprised) related to session manipulation, hard-coded cryptographic keys and the like, which underscores the importance of the exercise. But there's another side to mobile app security assessments - it's simply manual analysis. That is, poking around with the apps and the mobile ...
Here's a good post from Elcomsoft's Vladimir Katalov that underscores the dangers of many things I've written and spoken about in recent years:
Cloud security - especially as it relates to mobile apps (and in the case of this piece, iCloud)
Mobile control - BYOD, MDM and all those buzzwords sound nice but what exactly are you doing to ensure the business information that's being carelessly handled by your employees ...