-
27 Feb 2012Live from #RSAC: Cloud computing’s got some kinks (but you knew that)
I'm attending the RSA Conference this week and just sat through a panel discussion on cross-jurisdictional issues in the cloud. It was part of the Cloud Security Alliance Summit 2012.Here's what I heard: there are tons of considerations around the management, access and even the e-discovery personal data in the cloud...lots of variables and just as many things still up in the air. I'm convinced that being an information privacy ...
Continue Reading... -
27 Feb 2012
Video: Seeing the big picture in information security
Little has been written about this in the context of information security but it's something you've go to consider in every decision you make:...
Continue Reading... -
24 Feb 2012
CDW-TechTarget seminars are back this year – join me in Atlanta soon
Great news - I'll be speaking at the CDW-TechTarget roadshows again this year! Our first show kicks off in Atlanta on March 13th and then we start zig-zagging across the country every few weeks until late September. For most of the shows I'll be giving two presentations:Adapting Your Old-School Network Security Agenda to Today's New-School Security Challenges ...and:Ensuring Security Controls in an Anytime, Anywhere Access EnvironmentThere will also be vendor ...
Continue Reading... -
19 Feb 2012
Got compliance on your mind?
I figured you did...it seems everyone does these days. However you look at compliance - be it a threat, a security enabler or just a pain in the rear-end - here are some new pieces I've written that may help:Our dangerous overdependence on IT auditingCompliance considerations when disposing old equipmentHow Windows Server 8 can help with complianceEnjoy!Be sure to check out www.principlelogic.com/resources.html for links to all of my information security ...
Continue Reading... -
12 Feb 2012
SQL injection cheatsheet & tips for getting management on board
Here's a neat "cheatsheet" on SQL injection by NTObjectives that outlines some common attack strings, commands and so forth. Their SQL Invader SQL injection tool is worth checking out as well. If you're having trouble selling management on the dangers of SQL injection, check out this piece I wrote about it not long ago: SQL Injection – The Web Flaw That Keeps on Giving Ten Ways to Sell Security to ...
Continue Reading... -
10 Feb 2012
Video: The one infosec skill you need to be working on
Develop and maintain this one skill and you'll position yourself to be a much more valuable information security professional: ...
Continue Reading... -
09 Feb 2012
Video: My new whitepaper on advanced malware and how Damballa Failsafe fits in
Introduction to the threat we're facing and my new whitepaper The Malware Threat Businesses are Ignoring and How Damballa Failsafe Fits In: ...
Continue Reading... -
08 Feb 2012
Video: My new whitepaper on SQL Server security threats & compliance
Check out my new whitepaper The SQL Security Security Threat - It's closer than you think sponsored by Idera:...
Continue Reading... -
08 Feb 2012
What’s it going to take for police departments to secure their websites?
Here's yet another story about a police department website being compromised by criminal hackers. When a regular citizen's home address is exposed, that's one thing. But when the addresses of police chiefs are published online, that opens up an entirely new set of risks for their personal safety. Sad. Hey, at least the police chiefs I know are armed and well-trained experts. Would be pretty foolish to try and attack ...
Continue Reading... -
08 Feb 2012
Introducing my information security YouTube channel – PrincipleLogic
Check out my new YouTube channel (www.youtube.com/PrincipleLogic): I'm really excited about this. More videos coming soon.I plan to post video blogs once or twice a week so be sure to subscribe on YouTube or via my RSS feed.Enjoy!...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
