• 14 Jun 2010

    Survival of the weakest?

    I just heard Neal Boortz discussing this Wall Street Journal piece about how people with the least amount of economic knowledge are making all the rules in America right now. Very interesting insight. Totally reminds me of management and other non-technical people making all the rules for information security and privacy. Something's backwards here folks. Why is it the tail wags the dog in so many critical situations such as these affecting ...

  • 10 Jun 2010

    iPad “breach” – another sensationalistic Web flaw

    NewsFactor has a nice piece on the recent AT&T iPad "breach" that tells the story of how a code on AT&T's site was cracked exposing email addresses of iPad users. So, some criminals gleaned some email addresses from a telecom provider... In the grand scheme of things: big deal. I agree with Sophos' Paul Ducklin - I think this is being overblown... just like the sensationalism brought forth by my recent bit on ...

  • 07 Jun 2010

    Oil and infosec, a marriage made in heaven?

    Here's a funny - and ironic - pic a friend of mine just forwarded me. Need I say more? Also, I have on my desk the March 8, 2010 edition of InformationWeek (great mag by the way) that has BP as its cover story. A call out quote says: "Two years ago, BP CEO Tony Hayward laid some very tough love on his 500 top managers. Despite revenue of about $300 billion, the ...

  • 28 May 2010

    Where I’ve been + 2 important reading assignments

    Wow, I can't believe it's the end of May....the year's nearly halfway through and I feel like I should still be back in February! After experiencing some family health crises and deaths combined with the busiest year I've ever had with my business (not complaining there!), I've let my blog suffer. I never like to not post for so long but I work to stay true to what I preach ...

  • 21 May 2010

    The compliance crutch mentality rides on

    I believe it was my colleague Kevin Bocek who once said: "Security done right will yield compliance for free. Compliance for compliance sake will always deliver more problems in the end." Why is it so many business leaders keep ignoring this reality? It's funny, I was just thinking about an article I co-authored for CSO Online with Charles Cresson Wood nearly a year ago entitled The Dangers of Over-Reliance on Compliance. Those ...

  • 04 May 2010

    Aim high or aim low, it’s our choice to make

    I love what Michelangelo said: "The greater danger for most of us lies not in setting our aim too high and falling short, but in setting our aim too low and achieving our mark." ...reminds me of how easy it is to fall into the trap of complacency and the principle of "good enough" with information security....

  • 03 May 2010

    Commercial WEP and WPA key recovery tools

    Ever find yourself needing a wireless network analyzer that's easy to use and doesn't cost an arm and a leg? Well, CommView for WiFi is a great option... It's a product I've talked about for years in both Hacking For Dummies and Hacking Wireless Networks For Dummies. A neat thing about CommView for WiFi is its relatively new WEP and WPA key recovery add-ons. Referred to as WEPKR and WPAKR, they're ...

  • 30 Apr 2010

    Security strategies that lead to success

    Here's a new webcast I recorded where I talk about how to use visibility, control, and simplicity to your advantage to take the pain out of IT and security management: Strategies for Securing your Enterprise for Success. Be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, videos, Twitter updates, and more....

  • 29 Apr 2010

    IT security roundtable starting soon

    Join me if you can in just over an hour for AppSec's Five Burning Questions: Q2 2010 IT Security Auditor Roundtable. I and others from companies such as Ernst & Young, KPMG, and Protiviti will discuss database audit challenges and share tips and best practices you can implement to ensure database compliance and security. I hope to "see" you there!...

  • 27 Apr 2010

    How to become a better presenter

    There are a lot of unknowns in IT but one thing's for sure: if you're going to be successful in your job and move up the career ladder you have to sharpen your presentation skills. Here's a new piece I wrote that'll help you get started down the right path: Eight tips every IT pro can use towards becoming a better presenter...
