Information Security Blog
September 3, 2018: NYDFS 500 “Covered Entities” Compliance Deadline
Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching. Entities who must comply include: Bank...
read more6 Strange-but-True Tales of IoT Hacks
We tend to think of our world full of interconnected devices as fun and convenient. Why not monitor your toaster with a phone app—what could possibly go wrong? The downside, we now know, is that cybercriminals will quickly enlist these Internet of Things (IoT) devices...
read moreWhy Pivot Point Security is Now Offering ISO-27001 “As-a-Service” for Certification & Maintenance
Pivot Point Security has been offering ISO-27001 consulting services for over 10 years now – and to this point, we have offered them in a project-based approach that logically aligned with the project-oriented nature of achieving ISO-27001 certification. It also...
read moreCalifornia’s New Privacy Law Means US Firms Can’t Delay Privacy Initiatives Any Longer (Part 2)
The most significant privacy regulation enacted to date, the EU’s GDPR, still feels “over the horizon” to many US firms. For companies that have delayed privacy initiatives, it’s still easy to “risk rationalize” away the need to comply with GDPR. After all, there have...
read moreCalifornia Consumer Privacy Act of 2018: What Could It Mean for Your Business? (Part 1)
The State of California, the fifth largest economy in the world, has just enacted the most far-reaching consumer privacy legislation in the US—giving citizens more control over how companies share and sell their personal data. What could this new law mean for your...
read more
