Check out my new whitepaper The SQL Security Threat - It's closer than you think, sponsored by Idera: ...

Here's yet another story about a police department website being compromised by criminal hackers. When a regular citizen's home address is exposed, that's one thing. But when the addresses of police chiefs are published online, that opens up an entirely new set of risks for their personal safety. Sad. Hey, at least the police chiefs I know are armed and well-trained experts. Would be pretty foolish to try and attack ...

Check out my new YouTube channel (www.youtube.com/PrincipleLogic): I'm really excited about this. More videos coming soon. I plan to post video blogs once or twice a week, so be sure to subscribe on YouTube or via my RSS feed. Enjoy! ...

Here are several new pieces I've written on Web site/application security. Lots of angles and considerations:

There’s more to web security than meets the eye
Web passwords are often the weakest link
To validate or not, is that the question?
Protecting FTP services running on your Web server
The critical Web-based systems that are going untested and unsecured
Good Web Security Tools and Why They Matter
Why you need intruder lockout
Web security is like the layers of ...

You cannot change facts (i.e. the industry your business is in, the regulations it's up against, the type of sensitive information you're responsible for managing, etc.) but you can change problems (i.e. user behavior, wayward goals, management not on board with security, etc.). As the philosopher James Burnham once said: "If there is no alternative, there is no problem." In the case of information security, there are tons of alternatives to ...

I'm not much into urban legends and the like but came across this bit the other day and it really made me think. What a great analogy that impacts all of us both personally and professionally, with some interesting information security and compliance tie-ins that I see all the time: An economics professor at a local college made a statement that he had never failed a single student before, but had ...

This week I had the opportunity and privilege to serve as a panelist on mobile security at the Evanta CISO Executive Summit in Atlanta. What a neat event... it wasn't just another infosec show. It was unique in its focus and well run by Corrine Buchanan and Mitch Evans, who always seemed to have a smile on their faces - something we don't see enough of at these types of shows. ...

Low-hanging fruit – that is, the missing patches, default passwords, lack of full disk encryption and so on present in practically every environment – is something I’ve ranted about time and again because there’s no reason to have it on your network. Why? Well, for one thing, rogue insiders may just exploit it for ill-gotten gains. But even worse, low-hanging fruit can be the target of malware exploitations that you’re ...

The late Richard Carlson, author of Don't Sweat the Small Stuff, said: "It's important to see when your high-tech communication devices actually limit your freedom, enslaving you instead of providing new opportunities for growth." Wow... How true that is! Have you ever tried to not look at your emails or answer phone calls when you're out and about with your family or taking some time to yourself? It's pretty darned difficult but it can ...

I wanted to share with you a few new pieces I've written for TechTarget and Cygnus on incident response, compliance for systems integrators and the not-so-sexy but all-too-important technology, identity and access management:

The importance of incident response plans in disaster recovery
Regulatory compliance requirements for security solutions providers
Identity Management’s great bang for the buck

Also, here are some webcasts I recorded for TechTarget, Information Week/Dark Reading and SecurityInfoWatch.com that you may be ...