NEWPORT BEACH CA USA -- HIT/HIPAA UPDATE NEWS SERVICE™ -- DECEMBER 5, 2007: In a business environment where daily media reports of consumer data loss are on the rise, and looming deadlines for PCI compliance audits are placing increasing pressure on organizations to implement tools and strategies for data loss prevention, businesses can no longer afford to ignore data security. According to the Ponemon Institute, a single consumer data loss event can cost your organization as much as $22 million in regulatory fines and incremental expenses such as mitigation and remediation, not to mention possible negative publicity that can put your brand and company reputation at risk.

Any organization who accepts payment by credit card for goods or services rendered needs to focus on developing strategies for comprehensive data loss prevention and compliance to:

• Pass impending PCI audits and ensure ongoing compliance
• Protect against brand erosion and keep customer confidence at its peak
• Avoid costly fines for non-compliance in the case of a data loss event

With the proliferation of business communications and transactions conducted via common channels such as email, IM and Web, your company or confidential data may be leaving your organization right now. The perpetrators may reside within your own walls...or may be originating from sophisticated spyware methods penetrating your networks. Whether your data loss is accidental or malicious, you need to gain insight into the magnitude of your data loss problem, identify security gaps, and develop a proactive approach to stop data loss before it happens to protect the privacy of your company and customer data.

Register now for a live interactive webcast featuring Ali Pabrai, information security and PCI compliance expert, and Andrew Graydon, CTO of BorderWare Technologies. In this session, the speakers will provide an overview of the 12 key requirements of the PCI DSS framework and critical steps that organizations need to take to pass their impending and future PCI audits.

Attendees will be guided through the six PCI control objectives and the importance of technology and proactive strategies for implementing effective solutions for compliance-driven protection of sensitive customer and company data. In addition, tips will be provided for what to look for when selecting a data loss prevention technology solution, as well as insights into some of the best practices successfully used by security and compliance professionals in their PCI implementations.

• Critical steps for ongoing adherence to PCI compliance requirements
• How to gain full control and retain absolute visibility of company and consumer data leaving your organization to prevent losses and negative publicity before they happen
• How to obtain comprehensive visibility into where and how data is escaping and the magnitude of the data loss problem
• How to demystify the different technology options allowing accurate enforcement at all loss points by providing immediate and granular protection
• How to dramatically increase direct control over user actions, including an efficient way to enhance enforcement with optional quarantine and encryption
• How to provide comprehensive controls across email, IM and Web with a single policy to close security gaps

Ali Pabrai, CISSP (ISSAP, ISSMP), CSCS, Security & Compliance Expert
Ali Pabrai is a highly sought after security and compliance expert and author of The Art of Information Security. Mr. Pabrai has successfully delivered tailored security solutions to hundreds of organizations across the United States. He is also author of the executive brief "Complying with PCI DSS: Meeting PCI DSS Requirements" and recently launched the Certified Security Compliance Specialist (CSCS) program that addresses key compliance and security regulations, including PCI DSS, ISO 27001/27002, FISMA and others. Mr. Pabrai is a notable speaker and has presented keynote and other sessions at several conferences worldwide, including Internet World, Comdex, NetSecure, and Information Systems Security Associations (ISSA) Conferences. He is also a member of the U.S. FBI InfraGard, an organization dedicated to protecting organizations from cyber-based threats and intrusions.

Andrew Graydon, CTO, BorderWare Technologies
Andrew Graydon, BorderWare's CTO leads the technology innovations of the company to address key market concerns for messaging security including compliance, data loss prevention, and the convergence of Internet-based applications such as email, IM, Web and VoIP. Mr. Graydon is a widely published expert in the security industry with many articles and submissions in publications such as CIO Magazine, InfoWorld, Network World, Red Herring, SC Magazine, The Globe and Mail , IETF, IEEE, and many others. In addition, Andrew is an accomplished speaker and has participated at Interop, IEEE Globecom, Wireless Conference/Asia, Voice on the Net/Europe, IP.4.IT, CSI Conference, VoIP Developer Conference, VON and E-Gov Institute's Homeland Security Conference. Mr. Graydon holds a B.Sc(Hons) in Applied Physics specializing in Computational and Mathematical Physics from Dublin University, Ireland.

Lorna Waggoner, Director of Business Development
877.899.9974 x17
Lorna.waggoner@ecfirst.com

ecfirst.com is a leader with rich hands-on experience delivering world-class security regulatory compliance solutions including a 2-day on-site PCI DSS assessment service . The ecfirst.com Regulatory Compliance Practice delivers deep expertise with its full suite of services that include single sign-on, context management, contingency planning, Business Impact Analysis (BIA), vulnerability assessment, as well as managed compliance, security and IT infrastructure solutions.

ecfirst.com assists organizations with their compliance initiatives for a secure information infrastructure that is compliant with regulations such as PCI DSS, Sarbanes-Oxley, HIPAA and the ISO Standard. ecfirst.com can help you with your information security challenges and priorities. ecfirst.com solutions help your organization implement the security safeguards required as a result of regulatory requirements. ecfirst.com, an Inc. 500 business, serves over 900 clients across the United States.

For more information, please visit www.ecfirst.com.