Insights

Expert insights into the industry's hottest topics - from CCPA compliance to cloud security to purple team assessments. Search by topic or by content type (white paper, blog, case study, etc.) to find what you're looking for.
Case Study

Automating Manual Processes at a Fast-Paced Health…

A fast-paced healthcare company engaged Focal Point to assist with automating their various manual processes. The Company’s manual processes presented…
Blog

Data Protection in Thailand: A Summary of the PDPA

After several legislative attempts, the Thailand Personal Data Protection Act (PDPA) was finally approved by the Thai National Legislative Assembly in February 2019. Following the passage of the bill, the PDPA was published in the Royal Thai Government Gazette and came into effect on May 28, 2019. Companies now have on…
Blog

HPE’s Deputy CISO Discusses Cyber Workforce …

This is the first episode in Focal Point's Practitioner Interview Series, in which Focal Point experts sit down with real-world security leaders to discuss strategies for overcoming common security challenges. Drew Simonis, Deputy CISO of Hewlett Packard Enterprise, graciously sat down with Focal Point's Justin Avery t…
Webinar

An Interview with HPE’s Drew Simonis: Cyber …

This is the first episode in Focal Point’s Practitioner Interview Series, in which Focal Point experts sit down with real-world…
Blog

Tips for Improving Data Privacy Conversations in t…

When you add up business disruptions, productivity and revenue losses, settlements, fines, and penalties, the average cost to a company not compliant with data protection, state, federal, international, or industry regulations is around $15 million. With a skyrocketing number of new data protection laws (e.g., the CCPA…
Blog

How to Build Obfuscated Macros for your Next Socia…

Attention, pen testers: Are you looking to run a phishing campaign that puts your antivirus software to the test? Then this post is for you. In this post, I will guide you through how to build a malicious obfuscated macro in a Word document. I know you may be thinking that there are plenty of tools that generate Visual…
Blog

How to Build a Cheap Active Directory Pen Test Lab…

The Problem Whether you're brand new to penetration testing or have some experience under your belt, you want to have a safe environment where you can learn and practice the use, exploitation, and remediation of vulnerable software and unsafe configurations without exposing yourself or your clients' systems and network…
Blog

What Makes a Good Penetration Test?

As I speak with clients about their penetration testing needs, it has become increasingly clear to me that most organizations are still struggling to figure out what constitutes a good penetration test and how to buy one. Cars have been around long enough that, as a society, we’ve generally agreed upon the basic stan…
Blog

A Closer Look at the AICPA’S SOC for Cybersecuri…

Headline-making breaches. Compromised data. Regulatory Fines. Reputational damage. The threat of these consequences puts organizations under intense pressure to prove they are managing cybersecurity threats effectively and are prepared to handle an incident at any moment. With new data protection regulations like the …