04 May ISMS Consulting, Third Party Risk Management Standardized Control Assessment – Why the AUP Became the SCA January 19, 2024 By Richard Barrus In the past, I've written about the Shared Assessment group's on-site third-party vendor assessment tool called the Agreed Upon Procedu... Continue reading
08 Mar InfoSec Risk Assessment Why You Need a “Risk Register” Instead of a Risk Assessment January 19, 2024 By John Verry One thing many of our customers struggle with is integrating ongoing risk assessments into their cybersecurity programs. That’s a real... Continue reading
20 Apr Government | Category - Pivot Point Security 6 Eye-Opening Findings About Local Government Cyber Security January 19, 2024 By Richard Barrus For the past several months I’ve been working on a cyber loss control project performing risk assessments for over 100 New Jersey munic... Continue reading
14 Apr Government | Category - Pivot Point Security NYDFS Cybersecurity Regulation 2017: A 6-Step Plan to Eat the Whale January 14, 2024 By John Verry The New York State Department of Financial Services (NYDFS) 23 NYCRR 500 Cybersecurity Requirements for Financial Services Companies is... Continue reading
16 Aug InfoSec Risk Assessment Balancing Objectivity and Subjectivity in Risk Assessment January 18, 2024 By Richard Barrus Risk assessment is a fascinating activity that is relevant to everyone, all the time, and involves both our individual, subjective inte... Continue reading