• 19 Mar 2010

    New tips on 4 facets of encryption

    Been wondering about the latest on mobile/backup/database/email encryption? Well, here are some recent tips I wrote to TechTarget that'll help you get the ball rolling:Securing SMB laptopsSecuring removable media with BitLocker To GoSecure your data backups with encryption key management best practicesEncryption – the great security control that nobody’s usingThe true value of transparent data encryptionIs full email encryption the solution to Exchange security?...

    Continue Reading...
  • 19 Mar 2010

    No need to fix the problem, just ban the tool

    Here's a great post from my colleague Dave Paradi talking about how a conference is banning presenters from using PowerPoint. It's an embedded systems conference. So they're telling these highly-technical people they can't use PowerPoint to get their messages across!? I suspect the audience will instead be subjected to overhead transparencies and slide rule demonstrations. Sounds like a great show!This is just like businesses banning thumb drives and instant messaging ...

    Continue Reading...
  • 11 Mar 2010

    Unexpected vulnerabilities in the cloud?

    When you look past all the ridiculous hype and craze over "cloud computing" the realities set in. Here's a new piece I wrote for SearchCompliance.com that can help set you straight:Find unexpected vulnerabilities to ensure cloud compliance...

    Continue Reading...
  • 11 Mar 2010

    Twitter stole my Twitter idea

    I was recently talking to a client about how we need to start up a company with a Twitter acquisition as our exit strategy that scans for malicious URLs in the tinyurl, bit.ly, etc. links that are posted on Twitter. Twitter beat us to the punch. It's actually pretty difficult to comprehend that it's taken them this long to fix such a big problem. Nice to see some innovation where ...

    Continue Reading...
  • 11 Mar 2010

    Trouble getting policy buy-in? Make ’em self-executing.

    If you're having trouble getting security policies on the radar of management and users - much less getting the real buy-in you need, don't fret - there is a possible solution.It's an idea I got from Louise Slaughter (good name for a politician) and her attempt to force Obamacare on us. Simply make your policies "self-executing". In other words, you write the policies and include verbiage in each one that ...

    Continue Reading...
  • 24 Feb 2010

    Great information security quote

    "I am more afraid of an army of 100 sheep led by a lion than an army of 100 lions led by a sheep." -Charles TalleyrandApplies nicely to the management of information security and amazingly well to our government "leaders" today....

    Continue Reading...
  • 23 Feb 2010

    P2P risks, all over again

    It's sad when our government has to warn businesses about their own P2P network security flaws.I wrote about the security considerations with P2P applications seemingly a lifetime ago (2003) for TechTarget in a piece titled Are P2P applications worth the risk? Around this same time I served as a P2P expert on a panel discussion at American Intellectual Property Law Association's conference in Atlanta where we discussed these same issues.Nothing ...

    Continue Reading...
  • 22 Feb 2010

    Failure is always an option

    Michael Eisner once said "Succeeding is not really a life experience that does much good. Failing is a much more sobering and enlightening experience."This is something we often take for granted...and something that's facilitated by our society of not wanting people (especially our kids) to fail.I wouldn't trade my failures in life for anything...they've gotten me to where I am today. Failure's always an option and not something to be ...

    Continue Reading...
  • 17 Feb 2010

    What’s your certification worth? Nothing.

    According to Global Knowledge (you know, the training/certification folks), IT and security certifications are worth tens of thousands of dollars and, in some cases, over $100,000.Man oh man if it were only that easy to jump in and make that kind of money - and be able to sustain it. I say that certifications such as CISSP, ITIL, or PMP are worth absolutely nothing unless you make it so. What ...

    Continue Reading...
  • 14 Feb 2010

    Great tool for seeking out sensitive info on your network

    One of the greatest risks in business today is the issue of unstructured information scattered about the network waiting to be misused and abused by rogue insiders and other outsiders that have gained "internal" access.Reality has shown us that we absolutely cannot protect what we don't acknowledge. The best way to minimize this risk is to search your network far and wide for PII and other sensitive business information you ...

    Continue Reading...

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO CISSP cities coronavirus covid-19 cybersecurity data breaches eagle syndrome hacking Hacking For Dummies health helmet communications incident response information risk keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements sql injection tethered spinal cord time management underimplemented vulnerability and penetration testing web security zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.