23 Jul InfoSec Strategies | Category - Pivot Point Security 4 Reasons to Establish and Exercise Your Right to Audit Vendors June 19, 2024 By Richard Barrus How do you really know your highest-risk vendors are doing what they say they’re doing, security-wise—especially if it involves meeting...
03 Oct ISMS Consulting An Auditor’s View of ISO 27001 Internal Audits: Thrills, Chills and Hopefully Some Value-Add January 13, 2024 By Richard Barrus When most people think of audits in general, they’re imagining mundane, cookie-cutter affairs that are about as interesting as watching...
29 Sep Penetration Testing Patch Verification: The Missing Link in Too Many Patch Management Programs January 19, 2024 By Terry Crowley With so much malware out there targeting known vulnerabilities on unpatched systems, patch management is universally recognized as fund...
23 Jun ISO 27001 Certification What is a Reasonable Cost/Scope for an ISO 27001 Internal Audit? January 19, 2024 By John Verry We recently bid on an ISMS Internal Audit (ISMS IA) for an existing client at around $8,000, and were very surprised when the client le...
16 Apr ISO 27001 Certification A Key “Hidden” Lesson from the Sony Breach: You’re Only as Strong as Your Soft Controls January 19, 2024 By John Verry Throughout 2014 and into 2015 with the recent Anthem Blue Cross breach, every few weeks with distressing regularity there has been a ne...