Insights

Expert insights into the industry's hottest topics - from CCPA compliance to cloud security to purple team assessments. Search by topic or by content type (white paper, blog, case study, etc.) to find what you're looking for.
Blog

Upgrading Your Internal Controls for a Hybrid Envi…

Governance, Risk and Compliance (GRC) has become a key component of IT and business environments in every industry - and these environments are expanding rapidly. With the widespread adoption of cloud-based solutions, many organizations now operate with a hybrid environment that mixes cloud and on-premise technologies.…
Blog

How to Use Privacy KRIs to Predict Future Risks

GDPR enforcement has kicked off, and the CCPA countdown has begun. With the threat of significant penalties for non-compliance looming, many organizations are placing a greater focus on data privacy. But is “checking the box” on compliance the only (or best) way to evaluate the effectiveness of your program?  …
Case Study

Assessing and Ensuring GDPR Compliance for a Fortu…

Focal Point’s GDPR and global privacy services client (“the Company”) is a recognized leader in the hospitality and travel leisure…
Blog

A New Tool for Finding Malicious JavaScript and Se…

September 2019 Update: This JavaScript Security extension has been published by Burp Suite! You can install it directly within Burp, via the BApp Store feature in the Burp Extender tool. Why compromise just one website when you can compromise a whole bunch of them all at once? I'm sure that's what attackers were thinki…
White Paper

Boosting Organizational Success by Advancing Data …

This guide dissects the root causes of poor data quality and provides a step-by-step approach to achieving high data quality.
Blog

8 Areas to Include in SAP Access Control Testing

Information Technology General Controls (ITGC) are the basic controls that can be applied to IT systems such as applications, operating systems, databases, and supporting IT infrastructure. The objective of ITGCs is to ensure the integrity of the data and processes the systems support. Your SAP ERP applications cross a…
Case Study

Implementing SailPoint IdentityNow at a Global Pha…

Focal Point’s IAM services client is a leading global pharmaceutical company, with more than 20 years of experience and operating…
Blog

Let’s Get Cracking: A Beginner’s Guide…

The Focal Point Attack & Penetration team performs many internal penetration tests that culminate in a compromise of Windows Active Directory domains and access to the password hashes of all domain users. Like many teams that provide pen testing services, we have a high-powered GPU-based password-cracking rig that …
Case Study

Data Quality Assessment and Data Warehouse Design …

A leading technology company engaged the Focal Point Data Analytics team to perform a data quality assessment for their 11…