• Social Menu
  • Social Menu
  • Social Menu
  • Social Menu
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001 Resources
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001 : Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • CMMC Marketplace FAQs
      • SSP for CMMC
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Our Stance on Inclusivity
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
  • 1-888-PIVOT-POINT
    1-888-748-6876
  • info@pivotpointsecurity.com
  • 1-888-PIVOT-POINT | 1-888-748-6876
  • info@pivotpointsecurity.com
Pivot Point Security
PPS ISO 27001 Logo
  • Services
    • CMMC Preparation
      • CMMC Compliance Services
    • ISO 27001
      • ISO 27001 Certification
      • ISO 27001 Maintenance
      • ISO 27017 – Cloud Security for CSP’s
      • ISO 27018 – Data Privacy for CSP’s
      • ISO 27701 – Data Privacy Management System
    • SOC 2 Readiness
    • Virtual CISO (vCISO)
    • IoT Security
      • IoT Security Consulting & Assessments
    • Network Security
      • CREST Network Penetration Test
      • Vulnerability Assessment
      • Penetration Test
      • Architecture Review
    • Application Security
      • Penetration Test
      • API Penetration Testing
      • Architecture Review & Threat Assessment
    • Vendor Due Diligence
      • Accelerated Vendor Due Diligence
      • Third Party Risk Management
    • SaaS Security
    • Business Continuity
    • Blockchain Security
  • Compliance
    • CMMC
      • CMMC Compliance Services
      • DFARS Compliance
    • CCPA
    • SOC 2
    • CIS CSC
    • PCI
    • FedRAMP
    • NYDFS
    • GDPR
    • HIPAA
    • HITRUST
  • Industries
    • Legal
    • Financial
    • Government
    • Healthcare
    • More Industries
  • Resources
    • ISO 27001
      • ISO 27001 Audit & Cost Guide
      • ISO 27001 Checklist
      • ISO 27001 Cost Blog
      • ISO 27001: Recipe & Ingredients for Certification
      • ISO 27001 Roadmap
      • ISO 27701 Cost
      • Gap Assessment Template
      • Risk Assessment Template
    • CCPA
      • CCPA Compliance Roadmap
    • CMMC
      • CMMC Certification Guide
      • CMMC C3PAO FAQs
      • CMMC Capabilities
      • CMMC Cost
      • CMMC Gap Analysis FAQs
      • SSP for CMMC
      • CMMC Marketplace FAQs
    • vCISO
      • vCISO Cost
    • FedRAMP
      • FedRAMP Cost
    • Third Party Risk Management
      • VRM Best Practice Guide for Small to Medium Businesses
    • Application Security
      • Ready for a Pen Test? Infographic
    • Business Continuity
      • BCP Table Top Exercise Template
  • About Us
    • Locations
    • Client Satisfaction
    • Giving Back
    • Jobs
    • Working at Pivot Point Security
    • PPS Partners
    • Inclusivity: Our Stance & Actions
    • The Virtual CISO Podcast
  • Blog
  • Contact Us
Access The Latest Episodes from The Virtual CISO Podcast

Great Vendor Tools Does Not = Security

by Jeremy Sporn | Sep 28, 2020 | Vendor Due Diligence

Reading Time: 2 minutes   When it comes to vendor due diligence, I often see organizations make the mistake of overlooking one key aspect. Most vendor risk management programs and practitioners are always focused on the vendor risks – the risks that...

How Much Do Vendor Due Diligence Reviews Cost?

by Jeremy Sporn | Sep 25, 2020 | Third Party Risk Management

Reading Time: 2 minutes   Managing vendor risk isn’t easy. Often it’s time-consuming and expensive, and diverts scarce resources from other critical tasks. As a result, many companies have ad hoc, inconsistent or weak vendor due diligence programs....

Upping the Due Diligence with Your ISO 27001 Certified Vendors

by Jeremy Sporn | Sep 15, 2020 | ISO 27001 Certification

Reading Time: 2 minutes   Getting an ISO 27001 certificate from a vendor is an overarching statement that, yes, they have an information security management system (ISMS) that meets the requirements of the ISO 27001 standard. But what is the scope of...

Better, Faster AND Cheaper Vendor Risk Assessment? Yes!!

by Jeremy Sporn | Aug 20, 2020 | Third Party Risk Management

Reading Time: 3 minutes The so-called “iron triangle” of project management states that you can make something better, faster OR cheaper—pick any two. But you can never have all three. Making it cheaper makes it less good, making it happen faster increases...

The Shared Assessments SIG and SCA—“Trust” and “Verify” Tools for SMBs’ High-Risk Vendors

by Jeremy Sporn | May 13, 2020 | Third Party Risk Management

Reading Time: 2 minutes The Shared Assessments Program offers multiple tools to assess third-party information security risk. Probably the best-known of these tools is the Standardized Information Gathering (SIG) questionnaire. A growing number of...
« Older Entries
RSS RSS Feed

Free Downloads

  • ISO 27001 Roadmap
  • ISO 27001 Cost Guide
  • vCISO Roadmap
  • View All »

Filter Articles By Tags

Application application security testing ASVS business continuity planning CCPA CMMC compliance cyber attacks cybersecurity Data Breach data privacy Disaster Recovery disaster recovery plan Financial GDPR hackers information security information security risk infosec ISMS ISO 27001 ISO 27001 audit ISO 27002 Law Legal municipal government NIST OWASP OWASP ASVS Passwords Penetration Test Phishing regulation Risk Assessment Risk Management SCA security awareness education security awareness training SIEM SOC 2 Social Engineering The Virtual CISO Podcast tprm vCISO Vendor Risk Management

Blog Categories

  • ISO 27001 Certification
  • ISMS Consulting
  • InfoSec Risk Assessment
  • Penetration Testing
  • Ethical Hacking
  • Business Continuity Management
  • FedRamp
  • Disaster Recovery

About Us

Pivot Point Security has been architected to provide maximum levels of independent and objective information security expertise to our varied client base.

Free Resources »

Recent Blog Posts:

  • FedRAMP – What is It and Who Needs to Know?
  • CMMC System and Information Integrity Domain: Quick Sketch
  • CMMC System and Communications Protection Domain: Rapid Rundown
  • CMMC Situational Awareness Domain: Summary
white ISO 27001 logo
  • Home
  • Blog
  • About Pivot Point Security
  • The Virtual CISO Podcast

© 2001 - 2021 Pivot Point Security Privacy Policy | Cookie Policy | External Linking Policy | Sitemap