-
25 Jan 2012Complacency, meet APT – How basic oversights lead to complex malware infections
Low-hanging fruit – that is, the missing patches, default passwords, lack of full disk encryption and so on present in practically every environment – is something I’ve ranted about time and again because there’s no reason to have it on your network. Why? Well, for one thing, rogue insiders may just exploit it for ill-gotten gains. But even worse, low-hanging fruit can be the target of malware exploitations that you’re ...
Continue Reading... -
23 Jan 2012
Are your high-tech devices enslaving you?
The late Richard Carlson, author of Don't Sweat the Small Stuff, said:"It's important to see when your high-tech communication devices actually limit your freedom, enslaving you instead of providing new opportunities for growth."Wow...How true that is!Have you ever tried to not look at your emails or answer phone calls when you're out and about with your family or taking some time to yourself? It's pretty darned difficult but it can ...
Continue Reading... -
20 Jan 2012
My articles & webcasts on hacking, incident response, compliance & IAM
I wanted to share with you a few new pieces I've written for TechTarget and Cygnus on incident response, compliance for systems integrators and the not-so-sexy but all-too-important technology, identity and access management:The importance of incident response plans in disaster recoveryRegulatory compliance requirements for security solutions providersIdentity Management’s great bang for the buckAlso, here are some webcasts I recorded for TechTarget, Information Week/Dark Reading and SecurityInfoWatch.com that you may be ...
Continue Reading... -
20 Jan 2012
Executives could learn a lot from Supernanny
We all have a lot to learn from Jo Frost, the Supernanny. In particular, when it comes to information security, IT management, employee computer usage and so on, business executives could benefit a ton. Here's how it'd go:Create a set of rules.Enforce your darned rules!...
Continue Reading... -
20 Jan 2012
The role of IT in fighting today’s malware
It seems ever since I wrote my paper The Malware Threat Businesses are Ignoring and How Damballa Failsafe Fits In I’m seeing more and more vendors jump on the bandwagon. Today’s malware impacts everything from the network infrastructure to the endpoint and everyone wants a piece of the pie. I know the market is growing so I can’t blame people for wanting to capitalize on the opportunity.Vendors aside, what is ...
Continue Reading... -
19 Jan 2012
My interview in Hackin9 magazine
If you subscribe to Hackin9 magazine, check out this issue where they feature an interviewed with me about how the information security landscape has changed over the past decade, how you can get started in information security, my take on compliance and more.If you don't subscribe to Hackin9, it's a great trade rag for technical security pros and (especially?) non-technical IT, security and compliance pros...Putting the occasional typographical errors aside, ...
Continue Reading... -
19 Jan 2012
Quoted in today’s SC Magazine feature story on Symantec
Stephen Lawton wrote today's SC Magazine feature news story on the Symantec source code breach in which I'm quoted.I provided these quotes late last night and it was interesting timing because I was speaking at local university's AITP chapter yesterday evening and I told my audience that no one is immune from hacking - not even IT and security pros...and obviously not information security companies.It's a crazy world out there. ...
Continue Reading... -
11 Jan 2012
Great year for my book Hacking For Dummies, 3rd edition
2011 was a great year for me in so many ways. I feel extremely blessed and very lucky. Part of this was related to my book Hacking For Dummies, which is now in its third edition. I knew that sales were up - I believe in large part due to all the speaking engagements I did for TechTarget and others.Well, I just found out from my publisher that it's safe ...
Continue Reading... -
09 Jan 2012
New Year’s Resolutions merely create gym overcrowding
Be it New Year's resolutions (I'm going to lose weight this year!), career resolutions (I'm going to get a different job this year!) or financial resolutions (I'm going to get out of debt this year!)....traditional resolutions just don't work.Just check out how your local gym parking lot transforms between now and next month. I can't wait until around mid-February when the crowds will predictably die down and I can get ...
Continue Reading... -
05 Jan 2012
My Web app security epiphany: The Lysol Effect
I just had an epiphany in the bathroom. I know, I know...bear with me.I thought to myself, Why is it people use Lysol to cover up, um, smells and such in the bathroom?? Sure Lysol kills the problem at the source but, goodness gracious, there are other means of consideration than to merely cloud up the bathroom covering up something that probably shouldn't be there in the first place! Know ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
