• 28 Sep 2010

    Cybersecurity Act of 2009 – It’s great for government growth!

    You may already know how I feel about our out-of-control government. Well, here's a new piece I wrote about the Cybersecurity Act of 2009 - legislation that'll make your head spin. "Why the Cybersecurity Act is better for government than business". In subsequent edits to this article I had added some material on the new Lieberman-Carper-Collins legislation Protecting Cyberspace as a National Asset Act of 2010 (a.k.a. Senate Bill 3480) ...

  • 28 Sep 2010

    New Windows identity & access management resources

    Here are some new pieces I wrote for SearchWindowsServer.com on Windows IAM - pros, cons, and considerations:
      • Are identity and access management payoffs worth the fuss?
      • The compliance benefits of Windows identity and access management
      • Six ways to improve identity and access management (IAM) for Windows
      • Finding the value in Microsoft Forefront Identity Manager 2010
    Enjoy!...

  • 27 Sep 2010

    Got VoIP? Better make sure it’s secure.

    Given that VoIP has been around for more than 10 years, it's hard to find a business where it's not running in some capacity. I do find it interesting how many network managers aren't too concerned about the security of VoIP. People say things like "It's on the inside of the network", "It's running on a separate VLAN", and "We're PCI and HIPAA compliant but there's nothing of significance being ...

  • 27 Sep 2010

    It all goes back to choice

    I've said it before and I've come across a quote that prompts me to say it again. Peter McWilliams once said "We are all, right now, living the life we choose." The same goes for security...and compliance...and overall business risk. The sum of your business decisions up to this point defines exactly where you are right now. As Og Mandino said "Use wisely your power of choice." As I've discovered it's hard ...

  • 26 Sep 2010

    Looking for a tech job? Here’s what you have to do to stand out.

    If you're currently looking for a job in IT with the current unemployment rate at 9.6% you know how difficult things can be. Deep down you likely know that you've got to do something to stand out above the noise so you can land that new position. But just what is it that you need to do? Do you network more, do you go back to school, do you get ...

  • 24 Sep 2010

    Want to be a security expert? Just start a blog & a Twitter account

    I find it intriguing how many security experts there are on the Web with zero credentials to back it up. I especially see this with former journalists and reporters turned infosec pundits. It seems that so many of these people who used to write for newspapers and computer magazines have suddenly changed their focus now that security's all the rage. Maybe it's the job market? A friend told me recently ...

  • 21 Sep 2010

    Just run down the checklist – that’s “good enough”

    No offense to my auditor friends/colleagues and all the hands-on auditors of the world who DO know their stuff... Here's a new piece I wrote about one of the greatest impediments to reasonable information security in business today: Why do so many people buy into “checklist” audits? ...goes back to the compliance crutch mentality that my colleague Charles Cresson Wood and I wrote about last year. Time to move on?? Looking at how ...

  • 20 Sep 2010

    With this tool there’s no excuse to not analyze your source code

    A few months back I wrote about Checkmarx's CxDeveloper source code analysis product. Well, I've had some more recent source code analysis experience with the tool and thought I'd write a follow-up piece. I'll start by saying that I can't stress how cost-effective this tool is for performing source code analysis...esp. when similar products cost MUCH more. Granted, I haven't performed my own run-off between CxDeveloper and the likes of ...

  • 20 Sep 2010

    Be careful what you ask for

    Richard Carlson once said "Be careful what you ask for....sometimes your life is pretty darn good exactly the way it is." He went on to say "Think carefully through what it is you think you want, because you just might end up getting it, which is often more than you bargained for - more frustration, more grief, more travel, more responsibility, more conflict, more demands on your time, and so ...

  • 20 Sep 2010

    Silent tyranny in the name of “cybersecurity”

    I just finished a new article on the Cybersecurity Act of 2009 (a.k.a. Rockefeller-Snowe Cybersecurity Act or S. 773) and the equally scary Protecting Cyberspace as a National Asset Act of 2010 (a.k.a. Lieberman-Carper-Collins or S. 3480). Goodness gracious folks. Have you read these pieces of legislation yet? Are you tracking what's going on? There's some serious government control headed our way if we sit back and let politicians force ...
