GDPR & Privacy Shield - What They Mean for Your Business

Sitemap

How the Fiserv Application Vulnerability Validates a Strength of OWASP ASVS

A recent security flaw in a financial technology application was discovered by a security researcher. The flaw illustrates a significant benefit of using the OWASP ASVS over the OWASP Top 10 list when verifying an application's information security. Here’s Why Not to...

Is “Business as Usual” the Biggest Business Continuity Trend?   

From my viewpoint, the latest statistics reported in the Business Continuity Trends and Challenges 2018 report from continuitycentral.com look pretty alarming. For example: The Disaster Recovery Preparedness Council found that nearly 75% of organizations worldwide...

Recovery Planning Neglect – Excuses That Make a BC/DR Professional’s Head Spin 

Quick disclaimer: We really care about our clients’ security. Because of this, my blood has been known to boil when we hear “excuses” or rationalizations as reasons for making poor information security decisions. When it comes to Business Continuity and Disaster...

September 3, 2018: NYDFS 500 “Covered Entities” Compliance Deadline

Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching. Entities who must comply include: Bank...

6 Strange-but-True Tales of IoT Hacks

We tend to think of our world full of interconnected devices as fun and convenient. Why not monitor your toaster with a phone app—what could possibly go wrong? The downside, we now know, is that cybercriminals will quickly enlist these Internet of Things (IoT) devices...

Why Pivot Point Security is Now Offering ISO-27001 “As-a-Service” for Certification & Maintenance

Pivot Point Security has been offering ISO-27001 consulting services for over 10 years now – and to this point, we have offered them in a project-based approach that logically aligned with the project-oriented nature of achieving ISO-27001 certification.  It also...

California’s New Privacy Law Means US Firms Can’t Delay Privacy Initiatives Any Longer (Part 2)

The most significant privacy regulation enacted to date, the EU’s GDPR, still feels “over the horizon” to many US firms. For companies that have delayed privacy initiatives, it’s still easy to “risk rationalize” away the need to comply with GDPR. After all, there have...

California Consumer Privacy Act of 2018: What Could It Mean for Your Business? (Part 1)

The State of California, the fifth largest economy in the world, has just enacted the most far-reaching consumer privacy legislation in the US—giving citizens more control over how companies share and sell their personal data. What could this new law mean for your...

Challenges in IoT Security—Is It Getting Better or Worse?

Challenges Facing the Internet of Things: It’s easy to predict that IoT security issues could only get worse before they get better. After all, businesses are continuing to install more connected devices with default passwords and with no plans to update...

9 Data Security Questions Law Firms Should Ask Their SaaS Vendors 

Legal firms are highly dependent on anytime/anywhere access to their systems and data, yet need to keep administrative and operational costs to a minimum. Software-as-a-Service (SaaS), with its browser-based access, minimal upfront cost, and outsourced administration...