by Kevin Hermosura | Dec 13, 2019 | Third Party Risk Management
Reading Time: 2 minutes
Managing vendor risk effectively can demand significant planning and resources. Many small to medium sized businesses (SMBs) lack the expertise and employee bandwidth to tackle the problem in-house, so they’ve put off addressing it.... by Kevin Hermosura | Nov 15, 2019 | Third Party Risk Management
Reading Time: 2 minutes
A disturbing fact that often comes to light in conversations with clients and prospects is that IT and information security teams don’t know what vendors their company is sharing sensitive data with. Sure, they can name their most... by Kevin Hermosura | Oct 25, 2019 | Third Party Risk Management
Reading Time: 3 minutes
A SOC 2 attestation is a report from an independent auditor, which states his or her opinion of a company’s internal security and financial controls. SOC 2 doesn’t start with a detailed list of requirements that must be met and how... by Kevin Hermosura | Sep 24, 2019 | Third Party Risk Management
Reading Time: 2 minutes
You’re a salesperson. You’ve spent untold hours cultivating an awesome prospect: wining and dining, arranging presentations, making site visits, and so on and on. The contract is all but signed. Then the prospect hands you a security... by Andrew Farkas | May 21, 2019 | InfoSec Strategies
Reading Time: 3 minutes
May is “Privacy Month” on the Pivot Point Security blog, and we’re offering a multi-part post on the five indispensable success factors for law firms’ security/privacy initiatives. In Part 1, I introduced the 5 success factors and...
