Michael Eisner once said "Succeeding is not really a life experience that does much good. Failing is a much more sobering and enlightening experience." This is something we often take for granted...and something that's facilitated by our society of not wanting people (especially our kids) to fail. I wouldn't trade my failures in life for anything...they've gotten me to where I am today. Failure's always an option and not something to be ...
According to Global Knowledge (you know, the training/certification folks), IT and security certifications are worth tens of thousands of dollars and, in some cases, over $100,000. Man oh man if it were only that easy to jump in and make that kind of money - and be able to sustain it. I say that certifications such as CISSP, ITIL, or PMP are worth absolutely nothing unless you make it so. What ...
One of the greatest risks in business today is the issue of unstructured information scattered about the network waiting to be misused and abused by rogue insiders and other outsiders that have gained "internal" access. Reality has shown us that we absolutely cannot protect what we don't acknowledge. The best way to minimize this risk is to search your network far and wide for PII and other sensitive business information you ...
Here are my latest information security articles covering policies, internal threats and employee monitoring, and (when all else fails) incident response. Enjoy!

Security policy oversights and mistakes we keep making
The real deal with internal security threats
Monitoring user activity with network analyzers
Lack of incident response plan leaves hole in compliance strategy
Incident response – the often overlooked component of business continuity

As always, be sure to check out www.principlelogic.com/resources.html for all of my information ...
I've got a new monthly column in Security Technology Executive magazine called Get with IT you may want to check out. It's a real gem of a magazine!...
Here's a bit I wrote on why we need to look deeper than the application when testing our Web security: Looking past Layer 7...it's the little, often overlooked, things that'll get you....
Check out this wild video of a train crash yesterday. It's a great example of the fact that just because you have a policy (i.e. the no truck crossing sign) doesn't mean that people will abide by it (i.e. the dummy driver who probably thought "Aw, I can make this."). Some people just believe that they are exempt from certain things. Keep this in mind for your information security matters...you can't save ...
All we have are our knowledge and our time, and if we don’t have a grip on managing our day-to-day tasks and projects we’ll let both go to waste and drive ourselves crazy. Get to know the basics of time management soon. This knowledge will do wonders for your career....
I just came across a Dark Reading piece by Adrian Lane on wiping out wimpy passwords. Adrian says that user training is needed so people know how to create strong passwords. I'm not picking on you, Adrian; however, this has become a downright ridiculous approach, one that's been proven time and again not to work. My take is if you have to set your users up for success and, therefore, ...
Here's a webinar put on by Application Security, Inc. that I'm participating in this Thursday (1/28/10) in case you're interested...should be enlightening. Five Burning Questions Series: 2010 IT Security Auditor’s Roundtable...