Home | Press | Contact Us | Site Map
HIPAAacademy.net Home
.
 

Uday Ali Pabrai

CISSP (ISSAP, ISSMP), CSCS™
Member U.S. FBI InfraGard
ecfirst Chief Executive

5000 Birch Street
West Tower, Suite 3000
Newport Beach, CA 92660
949.260.2030 office

CAREER HIGHLIGHTS

  • Enterprise Security Architect, Advisor and Consultant to hundreds of mid to large businesses and U.S. government agencies in past two decades. Subject matter expert on information security and regulatory compliance standards including ISO 27002, PCI DSS, HIPAA, FISMA and Sarbanes-Oxley Section 404.
  • Established a base of over 900 clients in the financial, government and healthcare industries in the U.S. as Chairman, CEO and Co-founder of ecfirst. Recognized as an Inc. 500 business - America’s Top 500 Privately Held Business in 2004. Achieved distinction in first year of eligibility.
  • Earned exclusive endorsement of ecfirst’s compliance training program by the American Hospital Association (AHA). Exclusive author of compliance & security tip article that is sent by the AHA to thousands of hospitals in U.S. every week.
  • Published, The Art of Information Security, a leading book covering cyber security strategy and best practices, 2005.
  • Bootstrapped Net Guru Technologies in 1994. Business acquired by NASDAQ-based firm in 1997.
  • Awarded Entrepreneur of the Year by the Illinois Indian Chamber of Commerce in 1997 and nominated for Ernst & Young’s Entrepreneur of the Year® award, 1997.
  • Career established in the United States in 1987 as a member of the security team at Fermi National Accelerator Laboratory (Fermilab), U.S. Department of Energy (DOE) – world’s leading high-energy physics research organization. Fermilab sponsored my Permanent Resident (green card) process eventually leading to my acquiring U.S. citizenship in 1997.
  • Career launched in 1983 with Schumberger, a leading oilfield services provider, in Dubai, United Arab Emirates (UAE) as an Associate Accountant. Saved earnings to offset U.S. college expenses.

SUMMARY OF EXPERIENCE

  • Held office positions of CTO, CKO, and Vice Chairman for NASDAQ-based businesses.
  • Clients have included Wells Fargo, U.S. Naval Surface Warfare Center, Principal Financial, Microsoft, Kemin, Blue Cross Blue Shield, Marsh, many hospitals, several U.S. state governments and the U.S. Defense Intelligence Agency.
  • Established the world’s first certification program that comprehensively addresses global compliance standards and regulations in the area of information security - the Certified Security Compliance Specialist (CSCS). Hundreds of client testimonials available at www.ecfirst.com.
  • Developed leading certification credentials in the world, including CIW, Security Certified Program (SCP), and the HIPAA Academy’s CHP and CHSS.
  • 10+-rated keynote speaker at several conferences, including ISSA, HCFA, HIPAA Summit, Internet World, DCI Expo, Comdex, Net Secure, Nurse Practitioners Conference, National Council for Prescription Drug Programs (NCPDP), National Council for State Board of Nursing (NCSBN) IT Conference, and many others.
  • Delivered fast paced, high energy information security briefings in many cities worldwide including New Delhi (Pragati Maidan), Bangalore and Mumbai (India), Tsukuba City (Japan), Dubai (UAE), Karachi and Lahore (Pakistan), London (UK), and across the United States.
  • Author of several best selling industry books, including Internet & TCP/IP Network Security and Getting Started with HIPAA. Published hundreds of articles on regulatory compliance and information security. 

EXPERIENCE

2000 - Present                                                Chairman, CEO & Co-founder, ecfirst, Inc.

  • Architect for the Managed Compliance Services Program developed by ecfirst. This is a 36-month, fixed fee program that enables businesses to achieve complete compliance with information security standards such as HIPAA, SOX Section 404, PCI DSS, and the ISO 27002.  
  • Project Manager for hundreds of audits to identify compliance gaps and security vulnerabilities in the enterprise information infrastructure. Authored reports and typically presented findings and recommended next steps for remediation to executive management and Board of Directors.
  • Established security strategy and tailored information security policies and procedures for many organizations across the United States.
  • Developed complete library of information security policies and procedures to meet requirements of ISO 27002, HIPAA, SOX, PCI DSS and other legislations and standards.
  • Led many projects in the areas of single sign-on (SSO) assessment and deployment, risk analysis, vulnerability assessment (penetration testing), perimeter defense, wireless security, compliance audit and evaluation.
  • Senior Security Consultant for a Marsh USA/Seabury and Smith project to deploy a VPN to support a cost effective, secure remote access solution for Seabury employees.
  • Senior Security Consultant for Wells Fargo’s security infrastructure integration project. This project resulted in specific recommendations and implementation initiatives to minimize problems of integrating the security policies and infrastructure of newly acquired businesses.
  • Senior Security Consultant for Principal Financial’s electronic signature requirements analysis project to address the security of electronic mortgage documents.
  • Developed BizShieldTM – a cyber security methodology for The 7 Steps to Enterprise Security including risk analysis and management, policies, remediation, training, and audit.
  • Project Manager for BioShieldTM – a fingerprint-based biometric authentication product that replaces the use for Windows passwords in NT and 2000.
  • Trained thousands of technology and security professionals on cyber security threats and best practices for information security defense. Developed and delivered highly customized security training content for security officers for the U.S Department of Veterans Affairs.
  • Keynote speaker at the VitalWorks Conference (2004), HIPAA Security Experts Round-table at HIPAA Summit (2004), Midwest E-Business Conference, the Iowa Governor’s conference on E-Business (2001), as well as a Panel Member for the e-Business Liability Forum for Marsh USA (June 2001). Key presenter for Compliance, PKI and Biometrics at Internet World 2002 in LA.

1999 – 2000                                                    Chief Knowledge Officer, Nextera, Inc.

  • Responsibility.  Lead effort to deploy world-class KMS solution that captures and stores knowledge at all levels of client engagements. 
  • Developed e-bootcamp to establish baseline business and e-technology skills for employees.

1998 – 1999    Vice Chairman and Chief Technology Officer, Prosoft

  • Responsibility. Managed Prosoft’s content development, e-business consulting, certification and training practices on the cutting edge.  Elected as Vice Chairman of Board in 1998.
  • Acquisition Manager.  Integrated and eliminated where necessary, all Net Guru Technologies’ personnel, business practices and processes into Prosoft’s operations. 
  • Product Architect.  Defined Prosoft’s e-business content strategy.  Led to completion the industry’s leading Internet skills certification program.  Rolled out the CIW program worldwide with partners such as New Horizons, CompUSA, IBM Learning, and ExecuTrain.
  • Industry Leadership.  Established key relationships with AIP, WOW and CompTIA.
  • International Markets.  Introduced Prosoft’s products and services in markets such as Europe, Japan, Kuwait, United Arab Emirates (UAE), India and Pakistan.

1992 – 1997                                          Founder, Net Guru Technologies, Inc.

  • Start-up to Acquisition.  Founded NGT as a single-person, self-financed, bootstrap operation in January 1994.  NGT, an Internet skills training, certification and network security consulting business, was acquired by Prosoft (NASDAQ: POSO) in 1997. 
  • Created Internet Credential.  Created the Certified Internet Webmaster (CIW) and established it as the leading credential for Internet skills certification worldwide.
  • Consulting Practice.  Developed an EAGLE ESM Network and Security Methodology that led to hands-on training and consulting projects all across the USA at sites such as Microsoft, CBOE, Kemper Insurance, Bank One, Landis & Gyr, NICOR, Norwest Mortgage and others.
  • Founded Firm in Ireland.  Partnered with Irish investors to establish the Internet Certification Institute International (ICII) in the Shannon area in Ireland. 
  • Strategic Marketing Agreements.  Successfully concluded key revenue producing marketing agreements with dominant Internet trade-show and conference organizers such as MecklerMedia (Internet World) and DCI (e-business expo).
  • Worldwide Certification Exam Partner.  Was first in the industry to partner with Prometric to introduce exams that validate Internet skills. 

1991 - 1992                                           Project Manager, Teradyne, Inc.

  • Responsible for migrating VAX/VMS systems on DECnet to a TCP/IP-based network.
  • Lead consultant for problems related to DOS, UNIX and TCP/IP.
  • Designed and implemented a TCP/IP subnet architecture for the firm’s TCP/IP network.
  • Analyzed network traffic and configured network elements such as bridges and routers.

1987 – 1991                                          Group Leader for System Integration
Fermi National Accelerator Laboratory, U.S. Department of Energy

  • Analyzed network load as a consequence of the X protocol. Addressed network load and client-server models of computing; diskless vs. dataless vs. X terminals vs. stand-alone systems.  Factors considered included paging and swapping (its effect on the network), memory, protocols - their performance and network load.
  • Evaluated FORTRAN compilers on the Sun SPARCstation, Silicon Graphics IRIS, Data General AViiON, Digital DECstation, and IBM RS/6000.  Compliance with the ANSI specification and a study of the emerging Fortran 90 standard were the key objectives.
  • Led the Computing Division UNIX Seed Project.  Installed and integrated different flavors of UNIX (SunOS, AIX, ULTRIX, IRIX) on a TCP/IP network. 
  • Co-authored “Understanding and Using Computer Networks” Second Edition, 1991. 
  • Key member of the Supercomputer Task Force.  Developed applications in REXX and FORTRAN for VM/XA.  Lead consultant in the areas of networking and operating systems.
  • Completed several projects on the IBM 7171 communications device and the Interlink gateway. Provided transparent access between VAX/VMS systems on DECnet and Amdahl systems.

ACADEMICS 

Masters of Science in Electrical Engineering                                                  1988-1989
Illinois Institute of Technology, Chicago, Illinois
Thesis:  Network Security Design for UNIX Systems in a Distributed Environment

Bachelor of Science in Computer Engineering                                               1983-1986
Clemson University, Clemson, South Carolina

Indian High School, Dubai, UAE                                                                      1981-1982
Topped All Schools in Middle-East in Grade 12 Examinations (All Subjects). On Merit List (Top 20) in India.

Air Force Central School, New Delhi, India                                                     1977-1980
Topped All India in Grade 10 Mathematics Examination
Last updated: November 17, 2004