
Kevin Beaver's Security Blog

  • Step up or step aside, somebody needs to fix your security woes

    19 Feb 2014

    I just got off of a phone call with some friends/colleagues where we were discussing the latest security trends. After talking, it occurred to me that we’re basically going backwards in time with information security. It seems with the Target breach, stupid passwords people are still using in 2014, and even today’s new SANS-Norse healthcare security report, it just keeps piling up as if nothing works.

    But it can work – if people would get out of their own way.

    Looking at it from a psychological perspective (a great way to view security trends/challenges), it’s really about the choices people are making – or not making – about security:

    • Choosing to ignore the low-hanging fruit that’s present on every network this very moment.
    • Choosing to believe that security is a problem for the IT department to manage.
    • Choosing not to enhance their communication skills so people will “get” what’s being said.

    You’ve heard the adage, “if you lie about something long enough and consistently enough, pretty soon people will start believing the lies as the truth.” So many people are thinking that IT and security problems are just getting too hard to handle…that the bad guys are just getting “badder”. The government can fix things with whatever “cybersecurity” nonsense they’re going to shove down our throats. To the cloud so we can wash our hands of all this.

    Too many people are acting as if everything is out of their control, like low-information voters at the ballot box.

    Like I talked about in this new guest blog post for Rapid7, don’t let history repeat itself so that you get burned. Step up or step aside – somebody needs to fix this stuff.

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.
