-
06 Jun 2011InfraGard Atlanta hack highlights some lessons for us all
What started with an email from a colleague's compromised Gmail account Friday evening has ended up making international news - the InfraGard Atlanta website has been hacked. With user names, email addresses and passwords - including those associated with the FBI - available via a quick web search I knew that this was a pretty serious issue. Although I've been disconnected from InfraGard Atlanta for the past ~6 years, I ...
Continue Reading... -
31 May 2011
An unintended consequence of fast food “going green”
I was just pondering the negative side-effects and unintended consequences of many of the fast food restaurants who are "going green" (I use that term loosely because it's so overused in the name of marketing). The thing is so many restaurants like Panera and Moe's as well as countless others I've visited in my travels this year have these flimsy plastic Solo (and other brand) cups that aren't worth a ...
Continue Reading... -
31 May 2011
Ever heard of “gruntled” workers?
We always hear about "disgruntled workers" wreaking havoc on computer systems and sensitive information. Interestingly we never hear about "gruntled" workers and how they can help improve security...Thanks to a Merriam Webster's "Word of the Day" I came across I now know that there's another side to the overused word "disgruntled". Interestingly, according to M-W, the prefix "dis-" usually means "to do the opposite of," hence the assumption that if ...
Continue Reading... -
25 May 2011
Web appsec compliance & low-hanging fruit – it’s all up to us!
Here are some recent pieces I wrote on Web application security common sense for my colleagues at Acunetix that you may be interested in:But Compliance is Someone Else’s Job!Low-hanging fruit becomes big news with the 2011 Verizon Data Breach reportGoing Beyond Confirmed Web Security FlawsEnjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, podcasts, webcasts, books and more....
Continue Reading... -
25 May 2011
Texas Comptroller’s Office IT woes = security breach
Here's a Dallas Morning News story I was interviewed for - interesting IT woes in the Texas comptroller's office:Texas comptroller’s tech office had high turnover, employee complaints before breach Thanks go out to Kelly Shannon and my colleagues over at Focus.com for getting me involved....
Continue Reading... -
25 May 2011
If you don’t have NetScanTools Pro v11, you’re missing out
It's been a long time coming but the latest incarnation of one of my favorite network/security tools - NetScanTools Pro v11 - is out. Kirk Thomas at Northwest Performance Software has done a bang-up job on the user interface in the new version...something that's gotten better - albeit slowly - over the years. Not that I could do any better - I can't imagine having to know network protocols at ...
Continue Reading... -
23 May 2011
Sony PlayStation discussion download
In case you missed our Sony PlayStation Security Fiasco roundtable discussion last week, here's a link to the MP3 recording.Enjoy!...
Continue Reading... -
23 May 2011
Recap of TechEd 2011: more of the same, but you need to go
Given that TechEd was held in my neck of the woods this year I couldn't resist the opportunity to check it out. It's funny, I've been working with/around Microsoft products for some 22 years now and I've *never* attended this show. Maybe it's my ingrained Novell bigotry that I've yet to shed.My main goal was to catch up with some clients and see the latest happenings with Security Compliance Manager ...
Continue Reading... -
20 May 2011
Newt is setting an example for all of us this week
I truly believe that Newt Gingrich is currently setting an excellent example of how we should live our lives. He's principled. He's unwavering. The man is unbreakable. Sure, he has made some bad choices and has stuck his foot in his mouth a few times. Answer me this: Who hasn't!? Look at what the liberal media and those who are threatened by his ideas are throwing at him this week. ...
Continue Reading... -
19 May 2011
Not all experience is good
As with golf, racing cars or whatever, just because you have "experience" doesn't mean you're on top of your game. I just came across a quote that sums this up nicely - especially for those of us in IT and information security:"Experience is valuable only if it's imbued with meaning from which one can draw salient conclusions. Otherwise, experience becomes imprisoning." -Barry McCaffrey...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including one of the best-sellers of all time:
