by Michael Gargiullo | Mar 19, 2019 | InfoSec Strategies
Even this era of near-daily data breach headlines, the Collection 1 trove gives one pause. What is being called the largest public breach ever is apparently just the tip of a gargantuan, 4TB iceberg of unique emails and passwords, all available to hackers worldwide at... by John Verry | Feb 4, 2019 | ISMS Consulting
Okay, that was harsh… But anyone who has had the “pleasure” of explaining the “simple complexity” of the NIST Cybersecurity Framework to management or other non-technical folks understands how challenging it can be. As the Virtual CISO for several organizations that... by John Verry | May 11, 2018 | Penetration Testing
Editor’s Note: This post was originally published in June 2013 and has been updated for accuracy and comprehensiveness. NIST/FISMA guidance is generally more prescriptive than most other forms of information security guidance. However, there are limits to any... by John Verry | Sep 15, 2016 | ISO 27001 Certification
Pivot Point Security has recently seen a lot of interest in NIST 800-171, with the biggest question being; “How do we get NIST 800-171 compliant/certified?” NIST 800-171 is a relatively new NIST publication that addresses the requirements for a system to properly... by Lauren Wilder | Oct 13, 2015 | ISMS Consulting
Lately several clients have asked my opinion of how well their information security management system (ISMS) stacks up against industry peers. That’s an important consideration, because the more you know about the state of your security controls the better you can...
