I just received a "notice of insurance information practices" from my health insurance provider that says something to the effect of: "ALL INFORMATION CONFIDENTIAL. We're required by law to keep your information confidential. It will be seen only by our employees and authorized business associates." Really? Pretty gutsy statement from any business but especially one who's already been listed on the Chronology of Data Breaches....
You may already be aware of TechTarget's IT Knowledge Exchange. It's a great place to ask questions and/or establish yourself as an expert. Anyway, I just realized that today's the last day to nominate another member [subliminal message]Kevin Beaver[/subliminal message] for their Panasonic 42" TV giveaway. Someone you know [subliminal message]Kevin Beaver[/subliminal message] is in the running and could really use your help. So what's in it for you? When you nominate ...
Here's my two cents on the people failure - I mean "computer glitch" - at Atlanta's Hartsfield airport yesterday. Gotta blame something... Hartsfield outage: "Computer glitch" or FAA "people failure"?...
Remember way back in April of 2005 when the HIPAA Security Rule went into effect? Well apparently some healthcare providers didn't get the memo. Big blow to Health Net. So, no reasonable security controls to meet the HIPAA requirements much less no encryption of mobile storage devices? Seriously people: what is it going to take to encrypt mobile drives!!?? I'm not a fan of BitLocker in the enterprise and not sure how ...
Per Microsoft Learning's director: "We see the trend increasing that individuals are making the decision that what is best for their careers is to be certified"... Completely disagree. Read the news column... Can you see the hidden message? Here's what's best for your information security career... substance, not certification. Ooh, maybe I should trademark that. ;-)...
I was recently asked to write a whitepaper on considerations for BitLocker in Windows 7. While doing my initial research I learned a lot about BitLocker and discovered some new ideas and approaches for managing sensitive data. In this whitepaper I cover:
- Why data encryption matters
- BitLocker’s new features in Windows 7
- Operational concerns you need to think about
- Usability issues that can create problems
- Potential compliance and security gaps you don’t want to overlook
…and ...
Here's a great post from Neal Boortz regarding holding people responsible for their choices. It's very simple to blame something inanimate instead of fixing the real problems. Like blaming malware for security breaches... Practically everything in life and business can be traced back to choice - that's why we have to use it wisely....
I subscribe to Merriam-Webster's "Word of the Day" and saw today's word is rectify. Here's the example sentence they used: "The night before the Web site was to go live, the programmers worked frantically to rectify several unresolved security problems." Too funny! ...and sadly, all too common. Hey, at least they were working to fix the security issues before it went live! ;-)...
Either way, here's a good set of business continuity metrics worth checking out. Something that's sorely missing from many plans...that is, where plans even exist....
Over the past few days Twitter, security blogs, and news columns have been going crazy with the newly-discovered SSL/TLS flaw. Man, you'd think it's the next WEP exploit discovery. The security sky is falling...we must retreat. Seriously, is this thing a big deal? Not in my opinion - at least not in all but 99.9% of any given situation. But what do I know? I'm just the security guy that sees ...