Information Security Blog
How Did Equifax Get Hacked?
What Happened? We now know the Equifax data breach, which impacts almost 60% of the US adult population, was preceded by another breach or series of breaches of unknown magnitude back in March. We also know the July mega breach exploited a flaw in third-party code...
read more300 Million and One Reasons to Fight Ransomware Across Your Supply Chain
I have written a couple of blog posts in recent months that touched on keys to avoiding ransomware and I stand by the recommendations that I’ve made regarding ISO 27001 scoping, security awareness training, and more. That being said, the...
read morePasswords Are Passé – Here’s How to Start Implementing Multi-Factor Authentication
Is the ability to access a critical application using only a username and password a security red flag? In a word: Yes. Just ask the many folks who have recently had their bitcoins stolen because they weren’t adequately protected by multi-factor authentication....
read moreToday’s 8 Hottest Security Threats—and How to Counter Them
The recent HBO breach is now known to be much, much worse than the Sony content hack of 2014 or the more recent, financially motivated theft and premature release of Netflix’ Orange is the New Black episodes. Even more disturbing than the volume and value of...
read moreWhat Does “Compliance” with an OWASP ASVS Checklist Really Mean?
Pivot Point Security will soon be among the first information security firms to begin using the OWASP Application Security Verification Standard (ASVS) across its application security testing practice. As I blogged about back in mid-August, this shift has...
read more
