• 27 Aug 2010

    Work harder on yourself than you do on your job

Many people want to take the easy path that promises to lead them to their riches rather than work hard over the long term and earn it the good old-fashioned way. It's the lottery mentality. James Allen said it best: "Men are anxious to improve their circumstances, but are unwilling to improve themselves; they therefore remain bound." Want to begin improving your circumstances in your life and in your IT/security ...

    Continue Reading...
  • 26 Aug 2010

    Good new book on security awareness

I have to admit, when my colleague Marcos Christodonte first approached me about reviewing his new security awareness book, Cyber Within, I thought here's yet another book on boring old security awareness. I was wrong. Cyber Within takes a unique (suspense novel-like) approach to addressing the problem we have with employees and information security. And it works. The book is a quick read - just 47 pages - but it's ...

    Continue Reading...
  • 26 Aug 2010

    Acunetix WVS v7 – grand improvements in the making

When I find a good security tool I not only love using it but I love telling everyone about it. Having gone down this road many times myself, I understand the time, money, and hassle associated with investing in security tools that aren't all that. Well, here's one for you: Acunetix Web Vulnerability Scanner (AWVS) version 7 (it's currently in beta and free for you to try). The folks at ...

    Continue Reading...
  • 25 Aug 2010

    500 million and counting…

I just received a press release from Beth Givens at the Privacy Rights Clearinghouse stating "500 Million Sensitive Records Breached Since 2005". 500 million+ known records compromised in 5.5 years in the U.S. alone because people in organizations large and small made poor choices about information security and privacy! Simply amazing. If you haven't seen the Chronology of Data Breaches, check it out. It's fascinating. The problem ...

    Continue Reading...
  • 24 Aug 2010

Selling security: To persuade is to succeed

Okay, so your managers aren't getting security and your users aren't on board either. Security's not looking too good but you know it needs to happen. Just how can you "sell" security to those who matter most? Here's a collection of articles and blog posts I've written that address this very subject:
    How to get - and keep - user support with security
    How to get management on board with Web 2.0 ...

    Continue Reading...
  • 24 Aug 2010

    Relentless incrementalism

I don't know who coined the term "relentless incrementalism" but it's very fitting when it comes to information security. In the context of what we do, relentless incrementalism means doing small things over time that add up to big outcomes in the long term. All of us - management included - have to understand that security is not a one-time deal. Nor is it a product or a "compliant" status. It's ...

    Continue Reading...
  • 23 Aug 2010

    Panic is not a strategy

Seriously...it's not. In this new piece I wrote for Security & Technology Design magazine, I talk about the lack of incident response planning being one of, if not the, biggest risks in any given organization...and what you can do about it: Incident response: The biggest security gaffe of all? If anything, never forget what Captain Chesley Sullenberger said after he landed U.S. Airways flight 1549 on the Hudson River last year: "I didn't have ...

    Continue Reading...
  • 23 Aug 2010

    Common sense counts the most

A great quote I heard over the weekend has a direct tie-in to what we focus (or don't focus) our efforts on in information security. NASCAR champion Ned Jarrett said: "There's nothing stronger when you're trying to get something done than common sense." I couldn't agree more. In the realm of IT and managing information risks, I'll take common sense over book smarts any day....

    Continue Reading...
  • 19 Aug 2010

    Have you told someone “no” lately? It’s good for you.

Jack Canfield had a great quote that relates well to information security (and the lack of time to manage it) as well as our overall careers. He said: "Success depends on getting good at saying no without feeling guilty. You cannot get ahead with your own goals if you are always saying yes to someone else's projects. You can only get ahead with your desired lifestyle if you are focused on ...

    Continue Reading...
  • 19 Aug 2010

    How dare we question our rulers!?

I've kept my mouth shut about this long enough. Why aren't more Americans standing up against this mosque at ground zero nonsense!? The mosque is clearly nothing more than a symbolic mark of victory on our soil by the very group that's trying so hard to bring our society down. And our own government is facilitating this. Where is our country headed when one of our "rulers" says that any opposition ...

    Continue Reading...