by Johnna Verry | Aug 25, 2021 | InfoSec Strategies
Reading Time: 7 minutes
For summer 2021 I was excited to once again intern with Pivot Point Security. I enjoyed working there last summer and learned a lot about information security by engaging with technical subject matter experts to translate complex...
by John Verry | May 11, 2018 | Penetration Testing
Reading Time: 2 minutes
Editor’s Note: This post was originally published in September 2015 and has been updated for accuracy and comprehensiveness. For some time, CPA firms, qualified security assessors (QSAs) and similar entities that focus on...
by John Verry | Sep 9, 2014 | ISO 27001 Certification
Reading Time: 2 minutes
What is the most efficient way to get ISO 27001 certified if you already have your SOC 2 attestation? It’s not uncommon for an organization that had previously used (somewhat incorrectly) SAS 70 as its primary means of demonstrating...
by John Verry | Oct 17, 2013 | ISMS Consulting
Reading Time: 2 minutes
Increasingly, we are seeing organizations decide to use both ISO 27001 and SOC 2 to demonstrate their commitment to information security. Most frequently this is driven by differing contractual requirements imposed upon them...