Taxicab Technology Security - Pivot Point Security and NYC TLC present at International Association of Transportation Regulators (IATR) Conference in New York

Share Article

John Verry, of Pivot Point Security (Hamilton, NJ), spoke of the multiple security issues he and his firm addressed for the NYC TLC's Taxicab Technology Passenger Enhancement Program (T-PEP). Verry helped focus conference attendees on security issues all transportation regulators face in this new age of technology.

On September 14, 2009, John Verry (CISA), Principal Enterprise Security Consultant at Pivot Point Security (Hamilton, NJ), addressed a gathering of international transportation regulators at the 22nd annual conference in New York City. The conference attendees, who came from all across the US and Canada, and as far away as the United Kingdom, were formally welcomed by IATR President, Malachi Hull of Atlanta and President-Elect Matthew Daus of New York City.

The feature presentation on Monday (9/14/09) shone a spotlight on the New York City Taxi and Limousine Commission's (NYC TLC) T-PEP program. Ira Goldstein, Chief of Staff of NYC TLC, facilitated speakers and panels, including Pivot Point Security (, who addressed the myriad of components that comprise the city's Taxicab Technology Passenger Enhancement Program

Because T-PEP processes/transits data that is subject to Personally Identifiable Information (PII) and Payment card Industry (PCI) standards, security is critical. Focusing on the Key Challenges faced by transportation regulators, Verry explained the approach that was leveraged.

The approach emphasized:

  •     Understanding the risks to Owner, Driver, and passenger data
  •     Communicating Security Requirements to technology vendors (leveraging 3rd party standards wherever applicable: PCI, ISO 27001 (, OWASP)
  •     Accrediting Systems into Operation via security testing
  •     Governing the ongoing operation

Verry wrapped his presentation by reminding the regulators that enforcing change control is critical. "Because technology, regulations, and threats evolve," Verry said, "You can never rest on today's solutions. Remember, you're in it for the long haul!"

To download a copy of the presentation click on the link below:

About Pivot Point Security
Pivot Point Security is a boutique information assurance firm providing independent and objective information security expertise to our varied client base. Our policy of not selling product and our absolute focus on four core practice areas; Security Assessments, Ethical Hacking, Compliance Assessments, and Security Information Event Management (SIEM) ensures that we have the highest possible levels of competence and independence. PPS currently consults on transportation regulation projects and welcomes inquiries. Visit us at


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Lisa Zorovich
Pivot Point Security
609.581.4600 ext. 320
Email >
Visit website