  • 21 Nov 2011

    Don’t turn a blind eye on the basics

    I'm all about shoring up the basics of Web security before throwing money at the situation. If you're interested in saving not only money but also time and effort, here are some new pieces I've written on Web security that you may be interested in: Explaining the why of Web application security; Improving Web security by working with what you’ve got; Not all Web vulnerability scans are created equal; Why ...

  • 20 Nov 2011

    A new way to bleed

    I was in New York City this past week for my final keynote and related presentations for our TechTarget & CDW information security roadshow. Wow, 10 cities in eight months - what a great way to end our year. Of course, being in New York I couldn't help but notice the *constant* coverage of the Occupy Wall Street protests that ended up turning a bit ugly on Thursday - the ...

  • 14 Nov 2011

    For incidents, preparation is key…But you’ve been hacked, now what?

    Here are some new pieces I've written for TechTarget and Security Technology Executive magazine on compliance that you may be interested in: Preparing for an incident at the workstation level; Develop a Flight Plan; How to know if your website has been hacked. As always, be sure to check out www.principlelogic.com/resources.html for links to all of my information security whitepapers, podcasts, webcasts, books and more....

  • 10 Nov 2011

    Join me at the CDW – TechTarget seminars in Philly & NY next week

    If you happen to be in or around Philadelphia, PA or New York City next week, I'd love it if you could join us for our TechTarget / CDW seminars: Predictive Security: Plan Ahead to Stay Ahead of the Next Threat. I'll be giving the keynote presentation and splitting the breakout sessions with Pete Lindstrom and other vendor experts. After the morning sessions and a great lunch, we'll get back together ...

  • 10 Nov 2011

    Why compliance is a threat

    Compliance as we know it is arguably one of the greatest threats to enterprise security. Here's why: It creates a heightened sense of self for those responsible for accomplishing a state of compliance. It can cost more to become "compliant" than it does to create a reasonably secure environment. It empowers government. All of the above create complacency and a false sense of security. Please tell me I'm wrong....

  • 09 Nov 2011

    Wooo…HIPAA audits are coming & the irony of KPMG’s involvement

    I've always believed that compliance is a threat to business [hence why I help businesses take the pain out of compliance by addressing their actual information security issues] and this new bit from HHS's Office of Civil Rights is no different. Apparently the HIPAA audits are coming... KPMG - an audit firm that has already proven they have trouble implementing the basic security controls they audit others against - scored a ...

  • 08 Nov 2011

    Mobile devices are the new desktop, what to do now!?

    Here are some new pieces I've written for my friends at TechTarget on mobile security that you may be interested in, including a piece for TechTarget's new (I think) SearchConsumerization.com site: It's time we shift our thinking about endpoint protection; Act now to prevent smartphone security risks at your organization; Compliance officers' next big headache: Securing mobile applications. You know the deal, be sure to check out www.principlelogic.com/resources.html for links to all of my ...

  • 08 Nov 2011

    One of my pet peeves: relying on users to wipe out wimpy passwords

    You cannot - and should never - rely on your users for complete security...yet they're often the first or last line of defense - sometimes both. I wrote about this a while back but it's a problem that's still rampant in IT so I had to bring it up again. It's probably my biggest pet peeve with security. Simply telling users that they need to select strong passwords on their ...

  • 01 Nov 2011

    What needs to change?

    The late Richard Carlson once said: Circumstances don't make a person, they reveal him or her. There are times when other people and/or circumstances contribute to our problems, but it is we who must rise to the occasion and take responsibility for our own happiness. Deep. Whether you're caught up in an IT project mess, a data breach or even the #Occupy "movement", keep this in mind. We're the sum of our ...

  • 25 Oct 2011

    Your title really means nothing

    I can't tell you how many times I've met people over the years who have a fancy title like CEO or Director of This and That and it ended up being more of a façade than anything. As John Maxwell talks about in this video, your title really means nothing. I've often told people, I don't care what you call me as long as you pay me what I'm worth. That ...
