• Social Menu
  • Social Menu
  • Social Menu
  • Social Menu
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001 Resources
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001 : Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • CMMC Marketplace FAQs
      • SSP for CMMC
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Our Stance on Inclusivity
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
  • 1-888-PIVOT-POINT
    1-888-748-6876
  • info@pivotpointsecurity.com
  • 1-888-PIVOT-POINT | 1-888-748-6876
  • info@pivotpointsecurity.com
Pivot Point Security
PPS ISO 27001 Logo RPO Logo
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
      • Cloud Controls Matrix
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • NIST SP 800-218
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • GLBA
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001: Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Assessment Checklist
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • SSP for CMMC
      • CMMC Marketplace FAQs
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Inclusivity: Our Stance & Actions
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
Access The Latest Episodes from The Virtual CISO Podcast

Why “Check-the-Box” Policies are a VERY Bad Idea

by Richard Barrus | Jul 22, 2019 | InfoSec Strategies

Reading Time: 2 minutes It sometimes happens in the course of supporting clients during ISO 27001 certification projects or other information security assessments that we uncover “check-the-box” documents. For example, these might be policies that were...

5 Critical Steps to Align Security Policy with Your Cyber Liability Insurance Policy

by Richard Barrus | Jul 12, 2018 | ISMS Consulting

Reading Time: 3 minutes The growing risk and disruptive potential of cyber-attacks are making cyber liability insurance (CLI) increasingly relevant to many businesses. CLI offers a way to mitigate financial risk and (if done well) create a “safety net” to...

Why Your Information Security Policy Document Needs to be Top-Notch

by Richard Barrus | Jan 30, 2018 | ISO 27001 Certification

Reading Time: 2 minutes On the path to ISO 27001 certification, one of the most important guideposts is the Information Security Policy document. Many of the organizations we work with already have a “policy” document in some form—but often there’s a...
RSS RSS Feed

Free Downloads

  • ISO 27001 Roadmap
  • ISO 27001 Cost Guide
  • vCISO Roadmap
  • View All »

Filter Articles By Tags

Application Security application security testing CCPA cloud security CMMC CMMC Compliance compliance cyber attacks cybersecurity cyber security Data Breach data privacy GDPR Government hackers incident response information security infosec InfoSec strategies IoT IoT Security ISMS ISO 27001 ISO 27001 audit ISO 27002 ISO 27701 Malware NIST NIST 800-171 OWASP OWASP ASVS Penetration Test Phishing ransomware regulation Risk Assessment Risk Management security awareness education security awareness training SIEM SOC 2 tprm vCISO Vendor Risk Management vulnerability management

Blog Categories

  • ISO 27001 Certification
  • ISMS Consulting
  • InfoSec Risk Assessment
  • Penetration Testing
  • Ethical Hacking
  • Business Continuity Management
  • FedRamp
  • Disaster Recovery

About Us

Pivot Point Security has been architected to provide maximum levels of independent and objective information security expertise to our varied client base.

Free Resources »

Recent Blog Posts:

  • How Does the NIST Secure Software Development Framework (SSDF) Compare with OWASP SAMM, BSIMM, etc.?
  • What’s the Effort to Align Your Dev with the NIST Secure Software Development Framework (SSDF)?
  • Here’s Why Software Vendors Should Align with the SSDF Whether Mandated or Not
  • Why Does the USG Think We Need the NIST Secure Software Development Framework (SSDF)?
white ISO 27001 logo RPO Logo
  • Home
  • Blog
  • About Pivot Point Security
  • The Virtual CISO Podcast

© 2001 - 2022 Pivot Point Security Privacy Policy | Cookie Policy | External Linking Policy | Sitemap