-
15 Mar 2012Flaws, compliance and the Cybersecurity Act of 2012
Here are some new pieces I've recently written that you may be interested in...big things in security we need to have on our radar: Six Security Flaws on Your Network Right Now Find the Most Flaws By Balancing Automated Scans with Manual Analysis Compliance is just the beginning New and not-so-new security twists in the Cybersecurity Act of 2012 Enjoy! Be sure to check out www.principlelogic.com/resources.html for links to all ...
Continue Reading... -
14 Mar 2012
My upcoming webcast with Checkmarx: How to Use Source Code Analysis to Improve Information Security
Join me next week, Thursday March 22, for a quick webcast where I'll be co-presenting on the topic of source code analysis and how it can improve your information security over time. I'm convinced that source code analysis is one of the missing links in the overall security process. As I say all the time: you cannot secure what you don't acknowledge. Ignoring security flaws at the source can be ...
Continue Reading... -
14 Mar 2012
My Atlanta CDW/TechTarget seminar
We had a friendly and larger than expected crowd at our event CDW/TechTarget information security seminar yesterday. Thanks to those who came out!My favorite part of these events is learning new ideas from the participants and the other speakers. In this ever-changing world in which we work, it's hard to keep up and there's certainly no way to know it all. Every little nugget helps. Looking forward to an even ...
Continue Reading... -
09 Mar 2012
My upcoming webcast on firewall management
Join me and AlgoSec's Nimmy Reichenberg next week for a unique discussion on strategies for improving firewall management.We all know it's the elephant in the room...Today's enterprises have firewalls that are so complex and so fragile yet no one's really taking care of them. Any processes that do exist around rule management, rule changes and firewall risk analysis are often manual - and oh so painful.I know, I know, firewalls ...
Continue Reading... -
01 Mar 2012
My final takeaway from #RSAC
I said my farewell to the RSA Conference Tuesday evening but had some final thoughts about the show that I wanted to share with you.In addition to the keynotes I talked about, I attended a mock trial session involving malware, a digital certificate acquired for ill-gotten gains, and a healthcare company that ignored all things HIPAA (heard that a million times!) as well as a session by HP's Jacob West ...
Continue Reading... -
28 Feb 2012
Video: #RSAC 2012 is off and running
I'm live at the RSA Conference and here are my thoughts on the first two keynotes along with why you need to come to this show....
Continue Reading... -
27 Feb 2012
Live from #RSAC: Cloud computing’s got some kinks (but you knew that)
I'm attending the RSA Conference this week and just sat through a panel discussion on cross-jurisdictional issues in the cloud. It was part of the Cloud Security Alliance Summit 2012.Here's what I heard: there are tons of considerations around the management, access and even the e-discovery personal data in the cloud...lots of variables and just as many things still up in the air. I'm convinced that being an information privacy ...
Continue Reading... -
27 Feb 2012
Video: Seeing the big picture in information security
Little has been written about this in the context of information security but it's something you've go to consider in every decision you make:...
Continue Reading... -
24 Feb 2012
CDW-TechTarget seminars are back this year – join me in Atlanta soon
Great news - I'll be speaking at the CDW-TechTarget roadshows again this year! Our first show kicks off in Atlanta on March 13th and then we start zig-zagging across the country every few weeks until late September. For most of the shows I'll be giving two presentations:Adapting Your Old-School Network Security Agenda to Today's New-School Security Challenges ...and:Ensuring Security Controls in an Anytime, Anywhere Access EnvironmentThere will also be vendor ...
Continue Reading... -
19 Feb 2012
Got compliance on your mind?
I figured you did...it seems everyone does these days. However you look at compliance - be it a threat, a security enabler or just a pain in the rear-end - here are some new pieces I've written that may help:Our dangerous overdependence on IT auditingCompliance considerations when disposing old equipmentHow Windows Server 8 can help with complianceEnjoy!Be sure to check out www.principlelogic.com/resources.html for links to all of my information security ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
