Vendors such as Business Associates are one of the major sources of data breach.

These vendors are beyond your direct oversight and governance. This increases your vendor-related risks from rising security threats and regulatory penalties.

ecfirst has client-endorsed capabilities to support your requirements for

  •  Vendor compliance and security assessment
  •  Security planning and gap remediation
  •  Vendor certifications and training

Services

  • Business Impact Assessment (BIA)

    A thorough review of vendor capabilities, policies and procedures with relevance to your own business requirements. How the vendor controls and manages the information provided is part of a business impact analysis.
  • Vendor Security Assessment

    An evaluation of risks based on our bizSHIELDtm process. This is a proven methodology that addresses the details, conditions, requisites and mandates of each regulatory standard and security requirement. This assessment can support decisions on selecting/contracting with specific vendors.
  • Offshore Vendor Assessment

    As a company with global resources, ecfirst is able to provide onsite vendor assessments for evaluation as a supplier, and for other assessment processes that would benefit from direct onsite access.
  • Vendor Certifications

    ecfirst has been a trusted provider of vendor certifications and training as part of the vendor selection process. This covers existing and new certifications, including HITRUST CSF.
ecfirst

Trusted by the industry with proven methodology and results

18

Years of experience

25,000+

People trained & certified
by ecfirst

1,000+

Satisfied Customers

In the News

ecfirst will be delivering a featured session on Cyber Immune Defense: HITRUST Delivers an Active Defense.

Events

Cyber Immune Defense, Featured Presentation by Ali Pabrai at ISSA/ISACA/ISC2 Phoenix Security Conference, Sept. 20, 2018

Thought Leadership

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), CCSFP (HITRUST) is the chief executive of ecfirst, an Inc. 500 business. He is a highly regarded information security and regulatory compliance expert.