It starts with a critical baseline analysis.

A comprehensive, expert Cyber Risk Assessment guided by ecfirst.

Take advantage of ecfirst’s decades of expertise in regulatory compliance and risk management.
Assessments are completely tailored to your organization’s requirements.

Scope

Policies and procedures
- A structure to visualize and track development and implementation.
Risk management
- A review of the adequacy and preparedness of your current measures.
- Includes a Business Impact Analysis (BIA).
Data, Network and Applications
- To identify how/where information, particularly PHI and PII is stored and protected.
Network and Infrastructure Security
- Assess, test security architecture for robustness and standards adherence.
- Conduct internal and external network Penetration Testing and Vulnerability Assessment.
Application Security
- Application Security.
Personnel/Staff Assessment
- A gauge of how well your staff understands security procedures and is prepared for incidents or events. Determine whether current education enables employees to respond correctly to Social Engineering.

Standards covered

HIPAA
PCI DSS
ISO 27001
NIST
HITRUST
Others required

bizSHIELD™

A proven methodology that addresses the details, conditions, requisites and mandates of each regulatory standard.

TRACER™

A compliance portal designed to centralize, automate and manage the components of your individual assessment program. Tracer™ reduces your efforts in data collection, enables efficient management of your compliance program and remediation plans. Includes capabilities to manage policies and business associate agreements. A cybermapper tool organizes and visualizes the different security standards and regulations.

Trusted by the industry with proven methodology and results

18

Years of experience

25,000+

People trained & certified
by ecfirst

1,000+

Satisfied Customers

In the News

ecfirst will be delivering a featured session on Cyber Immune Defense: HITRUST Delivers an Active Defense.

Events

Cyber Immune Defense, Featured Presentation by Ali Pabrai at ISSA/ISACA/ISC2 Phoenix Security Conference, Sept. 20, 2018

Thought Leadership

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), CCSFP (HITRUST) is the chief executive of ecfirst, an Inc. 500 business. He is a highly regarded information security and regulatory compliance expert.