As an executive responsible for many aspects of running your business, it can be difficult and downright confusing trying to understand the balance between Web security and compliance. Your IT, information security, and internal audit teams may be telling you completely different things based on…
Author Archives Kevin Beaver
THE AUTHOR
Kevin Beaver
Common network security assessment oversights
Network security assessments are one of the most critical exercises performed for minimizing business risks. Your time is limited. You’ve got pressure from management to get things done. There’s so much to do and not enough time to do it. Yet, network security assessments are…
Making web security part of your IT governance program
Moving past IT compliance, IT “governance” is becoming the new area of focus in enterprises today. With compliance often being a more tactical business function, IT governance tends to operate at a higher level, especially in larger organizations. Internal audit, legal, and boards of directors…
Taking your network security assessment to the next level
There’s always a point in every IT professional’s career where he thinks he has everything figured out. We can get so caught up in our ways that we often overlook the fact that there are so many things we do on a daily basis that…
Top network security flaws you’re likely overlooking
There’s no doubt you know your network better than anyone else. The real question is, do you know whether you’ve checked for all relevant security flaws on all of your critical systems? Odds are you haven’t but that’s okay to an extent. No one has…
What you need to know about performing authenticated network security scans
Are you scanning your network hosts for security vulnerabilities while logged in as a user? If not, you should be. Authenticated testing can add a lot of value to your overall security assessment results. You’ll find a lot more missing patches, weak share permissions, and…
Network vulnerability assessment gotchas to avoid
There’s a saying that experience is something you don’t get until just after you need it. It’s so true, especially in the context of information security and, specifically, network security testing. If you have any experience running vulnerability scans, you’ve no doubt been down that…
Five Web Security Issues Present in Your Business Today
Web security is very complex – with a lot of unknowns. As an executive running a business with a lot of moving parts, I’m sure you can relate. There are numerous areas – both operational and technical – where web security is lacking in practically…
Getting Back to Basics with Web Security
It’s usually the simple things in life that create the most problems – we’ve all learned this universal law the hard way. Be it slick tires when driving in the rain, that extra decimal point when doing our taxes, or a bad Ethernet patch cable…