• Social Menu
  • Social Menu
  • Social Menu
  • Social Menu
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001 Resources
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001 : Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • CMMC Marketplace FAQs
      • SSP for CMMC
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Our Stance on Inclusivity
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
  • 1-888-PIVOT-POINT
    1-888-748-6876
  • info@pivotpointsecurity.com
  • 1-888-PIVOT-POINT | 1-888-748-6876
  • info@pivotpointsecurity.com
Pivot Point Security
PPS ISO 27001 Logo
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001: Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • SSP for CMMC
      • CMMC Marketplace FAQs
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Inclusivity: Our Stance & Actions
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
Access The Latest Episodes from The Virtual CISO Podcast

Why “Check-the-Box” Policies are a VERY Bad Idea

by Eddie Taliaferro | Jul 22, 2019 | InfoSec Strategies

Reading Time: 2 minutes It sometimes happens in the course of supporting clients during ISO 27001 certification projects or other information security assessments that we uncover “check-the-box” documents. For example, these might be policies that were...

You Can’t Afford to Ignore CCPA Like You Ignored GDPR

by John Verry | May 9, 2019 | InfoSec Strategies

Reading Time: 3 minutes If your company is like many of our SMB/SME clients, GDPR was a short-lived event. You heard about the regulation, kicked-off a GDPR project, realized how significant the work effort was and how limited the likelihood of an action...

ABA Opinion 483 from an Information Security Expert’s Point of View

by Jeremy Sporn | Jan 2, 2019 | ISMS Consulting

Reading Time: 2 minutes Legal firms are no strangers to regulations. But cybersecurity regulations coming from the American Bar Association (ABA)… that is a new one. The truth is, this has been coming for some time. Industry-specific regulations on privacy...

GDPR and the California Consumer Privacy Act of 2018 Compared 

by John Verry | Sep 27, 2018 | Government

Reading Time: 3 minutes With the EU’s GDPR now in force and California just enacting its Consumer Privacy Act (AB 375), the two-minute warning has sounded for US businesses that work with consumers’ personal data. You must move to implement privacy policies...

September 3, 2018: NYDFS 500 “Covered Entities” Compliance Deadline

by John Verry | Aug 16, 2018 | InfoSec Strategies

Reading Time: 2 minutes Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching....
« Older Entries
RSS RSS Feed

Free Downloads

  • ISO 27001 Roadmap
  • ISO 27001 Cost Guide
  • vCISO Roadmap
  • View All »

Filter Articles By Tags

Application application security testing ASVS business continuity planning CCPA CMMC compliance cyber attacks cybersecurity Data Breach data privacy Disaster Recovery disaster recovery plan Financial GDPR hackers information security information security risk infosec ISMS ISO 27001 ISO 27001 audit ISO 27002 Law Legal municipal government NIST OWASP OWASP ASVS Passwords Penetration Test Phishing regulation Risk Assessment Risk Management SCA security awareness education security awareness training SIEM SOC 2 Social Engineering The Virtual CISO Podcast tprm vCISO Vendor Risk Management

Blog Categories

  • ISO 27001 Certification
  • ISMS Consulting
  • InfoSec Risk Assessment
  • Penetration Testing
  • Ethical Hacking
  • Business Continuity Management
  • FedRamp
  • Disaster Recovery

About Us

Pivot Point Security has been architected to provide maximum levels of independent and objective information security expertise to our varied client base.

Free Resources »

Recent Blog Posts:

  • FedRAMP – What is It and Who Needs to Know?
  • CMMC System and Information Integrity Domain: Quick Sketch
  • CMMC System and Communications Protection Domain: Rapid Rundown
  • CMMC Situational Awareness Domain: Summary
white ISO 27001 logo
  • Home
  • Blog
  • About Pivot Point Security
  • The Virtual CISO Podcast

© 2001 - 2021 Pivot Point Security Privacy Policy | Cookie Policy | External Linking Policy | Sitemap