-
12 Sep 2011Speaking in Boston @ the CDW + TechTarget security seminar next week
I hope you'll have a chance to join me in Boston next week when I'm speaking at the TechTarget / CDW seminar: Predictive Security: Plan Ahead to Stay Ahead of the Next Threat.Boston, like several other upcoming events, is a 2-track seminar where I'll be giving the keynote and splitting the breakout sessions with my friend and roadshow colleague Pete Lindstrom among other vendor experts. [sidenote: Pete's the real draw ...
Continue Reading... -
12 Sep 2011
Microsoft Exchange Data Retention, Incident Response & Other Gotchas
Depending on where you're at with your Exchange "maturity model", here are a few pieces I've written for SearchExchange.com about Microsoft Exchange security oversights, policies and plans to help you along the way:How to write an effective data retention policy for ExchangeSolidify Your Exchange Server Incident Response PlanCommon Exchange Security OversightsEnjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my additional information security articles, whitepapers, podcasts, webcasts, books ...
Continue Reading... -
07 Sep 2011
What it takes to get ahead in IT and beyond
Good economy or not, people often ask: What can I do to get ahead in business? How can I stand out above the noise to enhance my career? How can I be a better network engineer, information security administrator, IT manager, speaker, writer and so on...?Whether you work for yourself or for someone else the answer is the same. You simply seek out the people who are at the top ...
Continue Reading... -
04 Sep 2011
DNS hack: UPS, National Geographic, Acer, etc. websites affected
Happy (almost) Labor Day...here's the latest from the criminal hackers: a DNS hack has redirected numerous websites of UPS, National Geographic, Acer, The Register and more. Nice. Betcha it was some low-hanging fruit someone, somewhere overlooked....
Continue Reading... -
31 Aug 2011
Talk is cheap: Time to rethink your data retention strategy (or lack thereof)?
Here's a fascinating story about a court case involving data retention you need to read. And pass it along to your management as well. It talks about how businesses aren't doing what they need to be doing with regard to data retention and how decisions are being made for us by the courts. Interestingly most businesses I come across (large and small) don't have any semblance of a data retention ...
Continue Reading... -
26 Aug 2011
My new book: Implementation Strategies for Fulfilling and Maintaining IT Compliance
Check out my latest book published by Realtimepublishers.com:In Implementation Strategies for Fulfilling and Maintaining IT Compliance I share strategic and tactical methods for getting your arms around the compliance beast. You can download all the chapters (below) for free by signing up on Realtime's site. They've got a ton over other good content too.Here's the low down:Businesses are struggling more and more with the compliance requirements being pushed on them ...
Continue Reading... -
25 Aug 2011
Join me live today at Dark Reading’s webinar #iwkdrbreaches
I'm speaking at the #Information Week/Dark Reading Virtual Trade Show How Security Breaches Happen and What Your Organization Can Do About It. My session is titled How to Win the War Against Cybercrime and starts at 2:30pm ET. Here are a few words about it: What are you doing to avoid becoming the next Wikileaks, Google, or Sony? Despite the fact that businesses will spend over 50 billion dollars worldwide ...
Continue Reading... -
24 Aug 2011
What direction are you heading with data protection?
Here's a new guest blog post I wrote for the folks at Credant: Heading in the Wrong Direction with Data Protection? You may see this differently but I think we're heading down the wrong path in this area - especially on phones and other mobile devices. I suspect we'll end up in a situation like we have recently in the U.S. where the very people putting the "stimulus" bill and ...
Continue Reading... -
22 Aug 2011
Fine-tuning your Web application security
I think I could write about Web application security every hour of every day...there's just so much involved with building secure apps, proper security testing, getting (and keeping) management on board and so on...But I wouldn't want to torture you in that way. Anyway, here are a few bits you may be interested in: Properly scoping your Web security assessments The cure for many Web application security ills How much ...
Continue Reading... -
21 Aug 2011
Getting ahead in your career + keeping IT staff on board
Here are some new bits I've written about IT and information security careers. First, what you can do to stand out above the noise and move your career ahead: How IT pros can boost their worth -- and their salaries ...and second, what management can do to keep IT and security professionals interested in their jobs and on board with the business: How to retain your IT talent 8 best ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
