• 21 Jun 2018

    Management

    Information security management You may need to do a quick third-party registration to access certain ones. Articles Security policies matter, but only so much Seven keys to success when working with information security professionals Security lessons to be learned from the COVID-19 response Who should be responsible for web security? Ensuring the right people are on board with web application security Security strategies or tactics - Where should you focus? ...

    Continue Reading...
  • 21 Jun 2018

    Compliance

    Information security compliance You may need to do a quick third-party registration to access certain ones. Articles Understanding the Cybersecurity Maturity Model Certification (CMMC) PCI DSS compliance across retail and financial services Considerations for addressing the new PCI SSL/TLS requirements What Changed in the New PCI DSS 3.2? Going beyond addressable with HIPAA and doing what’s right with ...

    Continue Reading...
  • 21 Jun 2018

    Careers

    Information security and IT careers You may need to do a quick third-party registration to access certain ones. Articles Security policies matter, but only so much Finding Success in an Information Security Career Security lessons to be learned from the COVID-19 response Web security: Getting your messages across to management Who should be responsible for web security? Ensuring ...

    Continue Reading...
  • 20 Jun 2018

    Home

    Who is Principle Logic My name is Kevin Beaver and I am the founder and principal consultant of Principle Logic, LLC. I am an independent information security (a.k.a. cybersecurity) expert and I solve problems. I help my clients protect their network systems, applications, and information assets from malicious or careless employees, criminal hackers, and unforeseen events. I've always believed that you can't secure what you don't acknowledge℠. I focus on ...

    Continue Reading...
  • 07 Aug 2017

    How to gain control & become an IoT security expert

    You've no doubt heard the vendor spiels and seen their solutions for gaining control of your Internet of Things environment. But do you truly have IoT under control? Like other things in IT, it can be pretty overwhelming, especially when you're struggling to keep your arms around your traditional network environment with cloud and mobile and all the complexities they bring. Well, IoT security doesn't have to be that difficult. It's ...

    Continue Reading...
  • 12 Dec 2016

    Trump’s an expert on hacking too, huh?

    Yesterday, soon-to-be President Donald Trump showed just how ignorant politicians can be when it comes to computer security, breaches, and hacking. Referring to the Russians interfering with our recent election, the Donald said: "Once they hack if you don't catch them in the act you're not going to catch them...They have no idea if it's Russia or China or somebody. It could be somebody sitting in a bed some place." It's interesting. ...

    Continue Reading...
  • 19 Sep 2016

    What, exactly, is reasonable security? The state of California knows!

    With all that's happening in the world of information security, it seems that there's never enough regulation. From to HIPAA to the state breach notification laws to PCI DSS and beyond, there are rules - and guidance - around every corner. Oddly enough the breaches keep occurring. As if what we've been told up to this point is not reasonable enough. Some people, mostly federal government bureaucrats and lawyers who ...

    Continue Reading...
  • 21 Jan 2015

    Øbama knows more about information security than we do

    I know it's painful to listen to our Ruler wax poetic about how great things are in America and how he's going to continue transforming society for the better...so just in case you missed last night's State of the Union and proposed initiatives, his regime wishes to "better secure" the Internet and our networks by making changes to the Computer Fraud and Abuse Act (CFAA). Here are some good reads ...

    Continue Reading...
  • 09 Jan 2015

    Core human psychology principles are what hold us back with security

    2015 marks my 26th year working in IT and my 20th year focusing on information security. I'm so fortunate to work in such an amazing field and even luckier to have gained some wisdom over the years that has allowed me to understand the true challenges we face with information security! As much as the vendors, researchers, and criminal hackers want us to believe it's the threats that cause all the ...

    Continue Reading...
  • 02 Sep 2014

    Bits & pieces on the 2014 Home Depot data breach

    With the news of the new Home Depot credit card breach, combined with me being based in Atlanta as well, I feel compelled to share some links to some of the recent pieces I've written about point-of-sale and retail information security in hopes that a nugget or two might prove beneficial to someone out there...here they are: The Target Breach – Can It Be Prevented?; Six endpoint management lessons from POS security breaches; Security ...

    Continue Reading...