Information Security Expert Kevin Beaver

You may need to do a quick third-party registration to access certain ones.

• How CIOs can build cybersecurity teamwork across leadership
• The CIO’s role in strengthening cybersecurity
• Top 4 information security strategy essentials CIOs need
• Security policies matter, but only so much
• Seven keys to success when working with information security professionals
• Security lessons to be learned from the COVID-19 response
• Who should be responsible for web security?
• Ensuring the right people are on board with web application security
• Security strategies or tactics – Where should you focus?
• Security professionals know everything necessary, yet incidents and breaches continue
• Take action with security – it’s really the only advantage you have
• Are you sure you want to be a CISO?
• Information overload leads to security oversights
• CISO challenges include building credibility within the business
• Security’s new focus: defensibility
• Going beyond addressable with HIPAA and doing what’s right with data encryption
• How security intelligence can support HIPAA compliance
• Why PHI access controls matter
• The HIPAA compliance payoffs of protecting PHI with encryption
• Top cybersecurity trends for the first half of 2017
• An unfunded mandate is NOT a mandate
• How top IT pros stand apart
• Using unrealized IT talent to your advantage
• Great ways to get management on your side with application security
• The side-effects of miscommunication between IT and security pros
• What SOC reports won’t tell you (and what you need to do about it)
• Dealing with vendors who want to push their SOC audit reports on you
• Nixing credential re-use across unrelated systems
• Signs that you’re about to suffer a security breach
• Outsource your security monitoring/alerting and be done with it
• Are your guest wireless networks exposing your business?
• Assessing the risks of information at rest and information in transit
• Explaining discrepancies in different security assessment reports
• When hacked home computers become business problems
• Top stories coming out of the 2017 RSA Conference worth paying attention to
• What you need to know about the 2017 RSA Conference
• RSA Conference tips for CISOs – From 10 years ago to today
• IoT at RSA: A New Focus on Old Problems
• 10 Tips for Breaking into the Infosec Field
• Questions that must be answered once a security breach occurs
• Managing Windows Server audit logs to cover your assets
• Developing a security incident response policy (plan): Avoiding pitfalls
• The most important aspect of incident response planning
• Figuring out what happened after a data breach
• Six endpoint management lessons from POS security breaches
• Dealing with today’s information systems complexity
• Network complexity: Bad for Business, Great for Job Security
• What type of organization needs a CISSP on staff?
• The important distinction between security facts and security problems
• Why System Administrators are so Crucial to Security
• The side-effects of miscommunication between IT and security pros
• Security mistakes executives make
• CEO Spoofing – Don’t get fooled
• Core reasons why information security programs fail
• How to stick to your IT security plan
• It takes more than resolve to manage an effective security program
• The one thing that criminal hackers have on their side that you don’t
• Setting and achieving realistic information security program goals for 2016
• Waiting until the last minute to implement long-term security measures
• IT turnover and its contribution to security challenges
• The importance of a security culture across the organization
• Why the lack of professional development among IT and security pros?
• Network complexity: Bad for Business, Great for Job Security
• Knowing the warning signs of network intrusions
• During and after a breach, all eyes are on you
• Five network security lessons learned from the Sony Pictures hack
• A perspective on the next big data breach
• Maybe there IS a patch for stupid
• Six areas of importance in the PCI Penetration Testing Guidance
• Niche security flaws should NOT be your focus
• Key Network Security Questions You Need To Ask Your Cloud Vendors – Now!
• Everything happens for a reason in security
• How one bad decision brought down an enterprise e-commerce site in minutes
• With security, periodic and consistent is key
• How emerging threat intelligence tools affect network security
• The science behind bad passwords
• Setting and achieving realistic information security program goals for 2016
• Information security’s chicken and egg problem
• Security’s gaping hole – policy enforcement
• Four reasons people aren’t buying what you’re selling in IT
• When security policies are bad for business
• Reacting vs. responding to security incidents
• Security’s greatest challenge – inaction
• Using what you’ve got to build a strong security program
• Information security is not stagnant but dynamic
• The mishandling sensitive data: Do you really know what you don’t know?
• Security Decision-Making: When Decisions Are Based on Fear Rather Than Fact
• State of the Network study: How security tasks are dominating IT staff
• Addressing your security program one small step at a time
• Why regulating information security professionals is a bad thing
• Understanding Your Level of HIPAA Risk, the Right Way
• Common Sense Incident Response for HIPAA
• When vendor security vulnerabilities become your own
• How do you know when a security vulnerability matters to your business?
• If there’s a will with information security there will be a way
• Eight remarkable things you’re doing with security that you can make even better
• Divulging sensitive info for a potential acquisition – good idea or bad?
• Formidable Threats and Minimal Visibility – A Troublesome Combination
• When your lawyer becomes your CISO
• The root of many security problems
• The compliance crutch holding up Corporate America
• The fallacy of information security awareness and training
• The one skill worth mastering in IT
• Quantifying the disconnect between the business and security
• The critical item that’s missing from most IT security programs
• What’s your one hot button security item?
• Top detractors of security oversight
• The funny thing about “confidential” information
• Why starting from scratch with security is delusional
• Top reasons why the bad guys are always one step ahead
• Key Web application security metrics
• Taking politics out of the Web security equation
• Getting back to basics with Web security
• How Your Web Presence is Throwing You Out Of Compliance
• The disconnect between IT audit and software developers
• Top 10 Insider Threats and How to Protect Yourself
• Top 5 Information Security Trends
• Top 5 network security vulnerabilities that are often overlooked
• Open your eyes and you’ll see the light
• Steering your career as a desktop admin in the mobility age
• The mindset of everyday employees and their impact on security
• Why a CIO’s relationship with enterprise IT security is important
• Don’t ignore mobile security effects on enterprise desktop management
• Enterprises can’t afford a half-baked mobile security strategy
• If you can’t explain it simply, you don’t understand it well enough
• If we can’t even take care of ourselves, how can our networks possibly survive? (Part 1)
• How to ensure a “healthy” and secure network (Part 2)
• Why business execs know more about security than you do
• Why business execs know more about security than you do
• Why a CIO’s relationship with enterprise IT security is important
• Use IT staff retention strategies to maintain a successful business
• Information security project considerations for project managers
• The information security basics your organization should already know
• How VARs can help customers securely discard e-waste
• Regulatory compliance requirements for security solutions providers
• Keeping resilient
• Extending HIPAA Compliance from Electronic Health Records to Document and Data Transmissions
• Information Technology and Business Continuity – Filling the gaps to protect your business
• Application security calls for a proactive approach
• Understanding the value of the OWASP Top 10 2013
• Don’t forget enterprise password protection in a merger or acquisition
• Four steps to become a leader in IT problem-solving
• Prioritize your IT tasks and finally conquer your to-do list
• Working in IT? Simple steps to get users on your side
• In IT planning, try zero-based thinking
• Beware the perils of organization-wide compliance policy involvement
• The sometimes-harsh realities of information security and compliance
• Security considerations around enterprise content management
• Five corporate compliance program traits you need to prevent breaches
• What to do when the CIO gets in the way of enterprise IT security
• How to form a functional enterprise IT security committee
• Understanding management gets your IT department what it needs
• Five Concepts for IT Security Success
• Mobile security and how you can no longer ignore its impact on enterprise desktop management
• Why locking down applications at the desktop can provide you with great returns
• RSA’s look at the big picture
• Six Security Flaws on Your Network Right Now
• Compliance is just the beginning
• New and not-so-new security twists in the Cybersecurity Act of 2012
• Our dangerous overdependence on IT auditing
• Top compliance questions you need to be asking your network administrators
• Address information risk management now — before the going gets tough
• Seven dangerous assumptions about compliance
• Top 5 techniques for management buy-in for your IT governance strategy
• Data security and backup encryption remain critical
• Secure data storage strategies and budget-friendly security tools for SMBs
• Patching and continuous availability in Windows Server 8
• Five Windows environment security flaws you may be forgetting
• Explaining the why of Web application security
• Improving Web security by working with what you’ve got
• Why people violate security policies
• Preparing for an incident at the workstation level
• Develop a Flight Plan
• It’s time we shift our thinking about endpoint protection
• Act now to prevent smartphone security risks at your organization
• Compliance officers’ next big headache: Securing mobile applications
• Using Windows 7 management tools to your advantage
• Getting to know Security Compliance Manager
• Information security’s tie-in with the e-discovery process
• Lax enterprise mobile device management hampers e-discovery
• Getting users on your side to improve Web security
• Time to market is no longer the excuse
• Managing information risk inherent to an effective compliance strategy
• Avoid duplicated efforts to cut the cost of regulatory compliance
• The long-term consequences of not addressing compliance today
• Fix Your Low-Hanging Fruit or Forever Hold Your Peace
• The cure for many Web application security ills
• 10 most common security mistakes people are still making
• Fighting the malware fight all over again
• 9 good reasons not to buy information security products
• Security best practices without question?
• How’s your security culture?
• Firewall change management and automation can curb human error
• Do Web application firewalls complicate enterprise security strategy?
• Planning a virtualization firewall strategy
• Time management strategies for the IT pro
• Your title is worthless; your value is priceless
• You can’t change what you tolerate
• Don’t lose sight of what’s important
• Four traits of successful information security leaders
• What is computer forensics technology? Does it help compliance?
• Leaning on records management can take the angst out of e-discovery
• Securing the new desktop: enterprise mobile devices
  
• Intel’s McAfee buy marks a turning point for security
• Using metrics to enhance information risk management
• Why do so many people buy into “checklist” audits?
• Data Protection and Compliance in Complex Environments
• Getting developers on board with security – once and for all
• Fundamental Fallacies
• The K.I.S.S Method for IT Security
• The Dangers of Over Reliance on Compliance
• How to get – and keep – user support with security
• How to get management on board with Web 2.0 security issues
• Underlying causes of inconsistent patch management
• Are your IT administrators trustworthy?
• Monitoring user activity with network analyzers
• Go beyond a checklist audit for real IT security and data protection
• Getting your arms around the compliance beast
• Big IT Lessons Small Businesses Can Learn (an IncTechnlogy.com piece I contributed to)
• Common causes of Windows server security vulnerabilities
• E-discover the gaps in your information management process
• A compliance officer, secure network aren’t enough for real compliance
• Is all the PCI DSS compliance whining and complaining justified?
• Why it may not be ideal for your lawyer to be your compliance officer
• How to maintain IT shop efficiency when you’re the last man standing
• How to strike a balance between Windows security and business needs
• Building credibility and getting others on your side
• Making the Business Case for Information Security
• 7 Essentials for Selecting an IT Integrator
• Do you have IT governance?
• Seven questions to ask your security vendor
• Essential elements of a good security assessment report
• Security scan results: take them with a grain of salt (formerly published at SearchWindowsSecurity.com)
• Eight reasons to plan out your security testing
• Security best practices without question?
• Information security lessons learned from the Choicepoint debacle
• Best practices for choosing an outside IT auditor
• Outsourcing IT services: Is it worth the security risk?
• Outsourcing security testing: What’s right for you?
• Upfront and secure is Job One for SMBs
• The Business Case for Information Security – What businesses are up against and why it is needed (formerly published at www.gscpa.org)
• Hiring an IT consultant
• Getting back to basics
• Ethical hacking: 10 crucial lessons
• Selling security to upper management
• The battle over security vs. convenience
• Where do you draw the line on employee monitoring?

• Firewall Management: 5 Challenges Every Company Must Address

• Managing network security threats with an ERM strategy
• Implementing Security with Systems Management – Best Practices for companies with fewer than 500 users – As security becomes more critical to the computing environment, businesses must look to streamline systems management. This webcast outlines the critical security issues that need to be addressed in today’s computing environment. Learn more about securing systems management in your business, including best practices for integrating security into the IT infrastructure, common systems management oversights, common security risks and the business problems they cause, and practical tips for gaining control of the IT network.
• Hacking Your Operations for Improved Security – Many organizations test their information systems for security vulnerabilities on an ongoing basis. The problem is that’s only half the issue. There’s also security documentation, users, and various IT-related business processes that affect overall information risks just as much. In this paid webcast hosted by ComplianceOnline, learn about real-world examples and how you can use the malicious mindset to look beyond the technical weaknesses and view your information security from a broader perspective that takes the entire business in account.