  • 09 Feb 2011

    Leave the phone alone…

    You have to watch this video. Seriously, stop what you're doing now and watch this. This issue has a profound effect on you, your family, your friends - everyone around us. It'll make you cry. No matter how good a driver you are and no matter how much you've heard about this topic - everyone needs to see this video. Please pass it along....

  • 09 Feb 2011

    Is it possible to do more with less?

    In this era of limited budgets and "wait and see" leadership you still have to do something to manage IT and information security. I've always had trouble understanding why people can't focus on the basics and solve these problems using solutions already at their disposal. I guess the marketing machine is just doing its job. Here's a good article about this very thing written by my colleague and publisher Steve Lasky ...

  • 08 Feb 2011

    Principles are not values

    When I started my information security consulting business 10 years ago I believed the words "principle" and "logic" would be a good fit for the way I think and work. The concept and mode of operation have worked out great. I was just reading a quote by Stephen Covey that reminded me of this - and information security leadership in general... he said: "Principles are not values. A gang of thieves can ...

  • 08 Feb 2011

    Findings from the Fort Hood shooting underscore today’s incident response reality

    You may have heard about this in the news over the weekend: apparently the Army psychiatrist turned Islamic extremist who killed 13 people at Fort Hood in November 2009 could've been prevented had the FBI and Army been communicating with one another. Sadly the same poor communication exists in the corporate world. Along the same lines of this incident, based on what I see in my security assessments I can confidently ...

  • 06 Feb 2011

    Lessons on Web security threats and testing

    Here are some recent webcasts/podcasts I recorded for SearchSoftwareQuality.com (@SoftwareTestTT) on Web application security:

    Security Lesson: Beating Web application security threats
    Security Lesson: How to test for common security defects

    I feel like I'm just scratching the surface on this topic but, thinking about what's going on out there, many people have yet to realize there's even a problem. Focus on these basics and you're going to eliminate the large majority of Web ...

  • 04 Feb 2011

    I’m quoted in today’s Wall Street Journal, p. B9

    Joe Mullich, a writer for the @WSJ, has put together some great stories on cybercrime and data breaches in Marketplace (section B) today. My contribution is on smartphone security and it's located on page B9 at the end of the piece titled "A Surge of Smishes - Workers' laxness opens door to smartphone data theft". Also check out the piece on TigerText (the secret texting app) on page B11. Cool stuff....

  • 03 Feb 2011

    Check out tomorrow’s Wall Street Journal @wsj

    I'm being featured in a piece on #smartphones and mobile security in tomorrow's Wall Street Journal. More to come soon......

  • 03 Feb 2011

    Don’t just do something, sit there.

    Seriously, it's time to kill the #KillSwitch bill that I've written about recently. It's dangerous, it's not what America is about and it's only going to make things worse for our country, our economy and our personal liberty. Here's some more details along what you can do about it today: http://www.downsizedc.org/blog/new-initiative-kill-the-kill-switch-bill...

  • 31 Jan 2011

    The Egyptian uprising tie-in with the U.S. Internet kill switch

    The people rioting in Egypt against their oppressive government and the subsequent blocking of the Internet is an interesting issue that has a global reach. Foreign policy aside, have you stopped to think about the ramifications of the cybersecurity "kill switch" bills that our measly politicians are trying to force upon us? As I wrote previously, the proposed Rockefeller-Snowe Cybersecurity Act of 2009 (Senate Bill 773) and Lieberman-Collins-Carper Protecting Cyberspace as ...

  • 31 Jan 2011

    It’s hard being human

    Cavett Robert once said something about character that resonates within information security - especially regarding ongoing management and leadership. He said: "Character is the ability to carry out a good resolution long after the excitement of the moment has passed." When I saw this I was reminded of how pumped you can get when attending a show like RSA or CSI or how neat certain vendor marketing spiels sound. Another is ...
