-
15 Sep 2011Your organization vs. BP: what will faulty decisions lead to in your business?
Imagine a scenario where poor management, failure to take appropriate action, personnel changes and miscommunication about who's responsible for what leads to a catastrophic event at your business? That's exactly what the findings were of the BP oil spill.Sadly, 11 people died because of this incident. Luckily, our line of work isn't quite so risky but your business can still get in a bind when information security is mismanaged.Here's a ...
Continue Reading... -
14 Sep 2011
NetIQ’s file integrity monitoring solution
A couple of weeks ago, I had the privilege of speaking at the Information Week / Dark Reading Virtual Trade Show How Security Breaches Happen and What Your Organization Can Do About It.In my presentation How to Win the War Against Cybercrime, I apparently had a brain-cramp moment and said that I'm not seeing anybody with good file integrity monitoring. Um, duh, Kevin (as I smack myself in the face), ...
Continue Reading... -
13 Sep 2011
Stephen Covey’s insight applies to information security
I love the following quote...very applicable to what we do:"You can't talk yourself out of a problem you behave yourself into." - Stephen CoveyOkay, you may be able to talk your way out of bad security decisions with the right attorneys or a cybersecurity insurance policy. Having worked cases involving data breaches, compliance and intellectual property, I can say that it won't be a short-lived, inexpensive or painless ordeal....
Continue Reading... -
12 Sep 2011
Speaking in Boston @ the CDW + TechTarget security seminar next week
I hope you'll have a chance to join me in Boston next week when I'm speaking at the TechTarget / CDW seminar: Predictive Security: Plan Ahead to Stay Ahead of the Next Threat.Boston, like several other upcoming events, is a 2-track seminar where I'll be giving the keynote and splitting the breakout sessions with my friend and roadshow colleague Pete Lindstrom among other vendor experts. [sidenote: Pete's the real draw ...
Continue Reading... -
12 Sep 2011
Microsoft Exchange Data Retention, Incident Response & Other Gotchas
Depending on where you're at with your Exchange "maturity model", here are a few pieces I've written for SearchExchange.com about Microsoft Exchange security oversights, policies and plans to help you along the way:How to write an effective data retention policy for ExchangeSolidify Your Exchange Server Incident Response PlanCommon Exchange Security OversightsEnjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my additional information security articles, whitepapers, podcasts, webcasts, books ...
Continue Reading... -
07 Sep 2011
What it takes to get ahead in IT and beyond
Good economy or not, people often ask: What can I do to get ahead in business? How can I stand out above the noise to enhance my career? How can I be a better network engineer, information security administrator, IT manager, speaker, writer and so on...?Whether you work for yourself or for someone else the answer is the same. You simply seek out the people who are at the top ...
Continue Reading... -
04 Sep 2011
DNS hack: UPS, National Geographic, Acer, etc. websites affected
Happy (almost) Labor Day...here's the latest from the criminal hackers: a DNS hack has redirected numerous websites of UPS, National Geographic, Acer, The Register and more. Nice. Betcha it was some low-hanging fruit someone, somewhere overlooked....
Continue Reading... -
31 Aug 2011
Talk is cheap: Time to rethink your data retention strategy (or lack thereof)?
Here's a fascinating story about a court case involving data retention you need to read. And pass it along to your management as well. It talks about how businesses aren't doing what they need to be doing with regard to data retention and how decisions are being made for us by the courts. Interestingly most businesses I come across (large and small) don't have any semblance of a data retention ...
Continue Reading... -
26 Aug 2011
My new book: Implementation Strategies for Fulfilling and Maintaining IT Compliance
Check out my latest book published by Realtimepublishers.com:In Implementation Strategies for Fulfilling and Maintaining IT Compliance I share strategic and tactical methods for getting your arms around the compliance beast. You can download all the chapters (below) for free by signing up on Realtime's site. They've got a ton over other good content too.Here's the low down:Businesses are struggling more and more with the compliance requirements being pushed on them ...
Continue Reading... -
25 Aug 2011
Join me live today at Dark Reading’s webinar #iwkdrbreaches
I'm speaking at the #Information Week/Dark Reading Virtual Trade Show How Security Breaches Happen and What Your Organization Can Do About It. My session is titled How to Win the War Against Cybercrime and starts at 2:30pm ET. Here are a few words about it: What are you doing to avoid becoming the next Wikileaks, Google, or Sony? Despite the fact that businesses will spend over 50 billion dollars worldwide ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
