• 29 Sep 2008

    Fight the desire for instant gratification

    Here in Atlanta we have a pretty serious situation with gas. Some refineries in Louisiana and Texas (where Georgia gets approx. 85% of its fuel) are still out of commission from Hurricane Ike. There are numerous other issues contributing to the problem as well, including the Federal Clean-Air Act requiring gasoline sold in our local market to meet stringent EPA-enforced air quality standards, which makes it more difficult for ...

  • 29 Sep 2008

    ISC2’s new CSSLP to the rescue?

    Well, ISC2 is at it again with yet another security certification - this time focused on application security. The CSSLP (Certified Secure Software Lifecycle Professional) focuses on security where it's often the weakest...at the source code level. Not a bad idea in general. I just don't foresee someone getting such a certification and then suddenly being a development expert, much less someone being able to lock down the software lifecycle. These ...

  • 26 Sep 2008

    My latest security content

    Here's an article I just wrote for SearchEnterpriseDesktop.com: The 10 most common Windows security vulnerabilities. And also a series of articles I recently completed for Realtimepublishers.com on compliance: The Essentials Series: The Business Imperatives of Compliance in the UK [note: These articles have a U.K. focus but the concepts can be applied anywhere around the world... And no, those aren't my British-isms in the writing (thanks to the wonder of editing). It is ...

  • 26 Sep 2008

    Point about users & malware I’ve been trying to get across

    I feel as if my opinion on a malware-related security vulnerability I've been pointing out for years has been validated. By actual research! Here's the deal: It's when users get pop-ups/dialog boxes from web sites, etc.... All they want to do is get rid of it, right? It's human nature. They don't care which option they click or what the outcome may be. I'm guilty of doing the same thing. It's something ...

  • 25 Sep 2008

    How about a bailout of the information security industry!?

    While our government is on the bandwagon of handing out billions of our dollars to the financial industry and, more recently, the auto industry, it made me think - what the heck - might as well throw in a few billion or so in support of our industry, right?? After all, it'd be money well-spent on our critical infrastructure here in the U.S. Here's what could be done to redistribute our ...

  • 23 Sep 2008

    Big target for the bad guys

    I just heard an ad on my local radio station about MedsFile.com.... Knowing what's going on out there on the Web, combined with the silly and careless Web application vulnerabilities I see in my work, I cringed when I heard about what this company does. They store all of your medical records online in one convenient location. It's actually a great idea but there's certainly some room for abuse. I'm not picking ...

  • 23 Sep 2008

    Another job site for security careers

    In addition to the job sites catering to security professionals I mentioned in a previous post, here's another site for you... Can't vouch for its quality but it looks promising: www.security-jobs.info...

  • 23 Sep 2008

    Has Sarbanes-Oxley failed us?

    ....no, surely not!? But then again... Those of us in IT and information security know all about Sarbanes Oxley. You know, the Public Company Accounting Reform and Investor Protection Act of 2002 that our Imperial Federal Government put in place back in 2002...? That was then...now look at the mess we're in. Lehman Brothers, AIG, Fannie Mae, Freddie Mac - all living proof that Sarbanes Oxley is a failed piece of reactive ...

  • 17 Sep 2008

    Great quote related to information security careers

    We tend to focus so much on our education and training and ignore the one thing that's even more important: goal setting. Keep this in mind when it comes time to actually making the rubber meet the road. "Education is of no value and talent is worthless - unless you have an unwavering aim. Never find yourself without a compass." - Condoleezza Rice...

  • 17 Sep 2008

    Press release about my upcoming ISSA keynote

    Here's a recent announcement of mine regarding my upcoming keynote presentation I'm giving for ISSA: Principle Logic announced that Kevin Beaver has been chosen to speak at the ISSA conference. Kevin will apply his practical and no-nonsense approach to information security in his discussion titled Staying Ahead of the Security Curve. He will share his experiences in the field of information security, the traits required to become a successful security professional, ...
