CSCS™ FAQ

Image result for pdf icon

Certified Security Compliance Specialist™(CSCS™)
Frequently Asked Questions
(FAQ)

CSCS™ Program

Image result for pdf icon

The CSCS™ is a unique program in the
compliance & security industry-indeed
the first of a kind in the world

To Learn More CSCS™

Why Sign up with CSCS™?

Increasingly, businesses are challenged with both securing their digital assets and the information infrastructure as well achieving full compliance with numerous legislations and regulations that impact their industry. Healthcare, financial, government and other verticals are required to constantly monitor the changing dynamics of their infrastructure to mitigate risks and vulnerabilities as well as ensure compliance with international as well as U.S. federal and state legislations and industry best practices. Further, United States federal information systems and those of their business associates must meet specific certification and accreditation security guidelines.

CSCS™ Program Covers Major Information Security Regulations & Standards

The CSCS™ Program is the first and only program in the world that provides a comprehensive treatment of major information security regulations and standards. You can expect to learn and understand core requirements of the following from the CSCS™ program:

  • ISO Standards including 27001, 27002, 27799
  • PCI DSS
  • FISMA
  • NIST Standards
  • HIPAA and HITECH: U.S. Healthcare Regulations
  • U.S. State Regulations on Information Security

The Certified Security Compliance Specialist™ (CSCS™) credential is a job-role based designation. This program is designed to enable professionals to understand, prioritize and ultimately assist organizations achieve compliance with information security-based regulations.

Compliance is big business. Legislation (including guidelines and standards) such as PIPEDA, HIPAA, HITECH and standards such as the ISO 27000 are a requirement for organizations to comply with. A key objective for organizations worldwide is to integrate security best practices and be in compliance. Skilled professionals who understand regulatory compliance requirements and information security are valued across several industries, especially healthcare, financial and the government.

The Certified Security Compliance Specialist™ (CSCS™) is a unique program of its type in the compliance and security industry – indeed the first of its type in the world. It is laser-beam focused on thoroughly examining compliance requirements and establishing best practices that can be applied in securing today’s digital business information infrastructure.

Organizations are quickly moving to a digital ecosystem that is governed by strict regulatory compliance requirements. Validate your compliance security skills and knowledge and distinguish yourself with the credential, Certified Security Compliance Specialist™ (CSCS™).

Distinguish Yourself in the Marketplace – Get the CSCS™ Credential!

Just having a background in Information Technology (IT) or information security is not sufficient anymore for the challenges of business today. Employers are looking for individuals who not only have IT skills but also understand compliance regulations that impact their industry and business – because these are priorities that must be met.

Why CSCS™?

Increasingly, businesses are challenged with both securing their digital assets and the information infrastructure as well achieving full compliance with numerous legislations and regulations that impact their industry. Healthcare, financial, government and other verticals are required to constantly monitor the changing dynamics of their infrastructure to mitigate risks and vulnerabilities as well as ensure compliance with international as well as U.S. federal and state legislations and industry best practices. Further, United States federal information systems and those of their business associates must meet specific certification and accreditation security guidelines.

CSCS™ Program Covers Major Information Security Regulations & Standards

The CSCS™ Program is the first and only program in the world that provides a comprehensive treatment of major information security regulations and standards. You can expect to learn and understand core requirements of the following from the CSCS™ program:

  • ISO Standards including 27001, 27002, 27799
  • PCI DSS
  • FISMA
  • NIST Standards
  • HIPAA and HITECH: U.S. Healthcare Regulations
  • U.S. State Regulations on Information Security

The Certified Security Compliance Specialist™ (CSCS™) credential is a role based designation. This program is designed to enable professionals to understand, prioritize and ultimately assist organizations achieve compliance with information security-based regulations.

Compliance is big business. Legislation (including guidelines and standards) such as PIPEDA, HIPAA, HITECH and standards such as the ISO 27000 series are compliance requirements for organizations of all sizes and industries. A key objective for organizations worldwide is to integrate security best practices and be in compliance. Skilled professionals who understand regulatory compliance requirements and information security are valued across several industries, especially healthcare, financial and the government.

The CSCS™ is a unique program in the compliance and security industry – indeed the first of a kind in the world. It is laser-beam focused on thoroughly examining compliance requirements and establishing best practices that can be applied in securing today’s digital business information infrastructure.

Organizations are quickly moving to a digital ecosystem that is governed by strict regulatory compliance requirements. Validate your compliance security skills and knowledge and distinguish yourself with the credential, CSCS™.

Learning Objectives

From this compliance and security training program you will:

  • Learn about FISMA, NERC CSS, and the HIPAA Security Rule.
  • Examine business critical standards and requirements such as PCI DSS, SOC 2 and more.
  • Analyze the international security standard, ISO 27001, ISO 27002, ISO 27799 and others.
  • Learn about authentication requirements in published guidance documents.
  • Examine California’s SB 1386, SB 541, AB 1950, AB 1298, AB 211 and other U.S. State information security related regulations.
  • Understand the security life cycle process for U.S. federal information systems. This is an important requirement for business associates worldwide.
  • Review international regulations including PIPEDA, PIP, European Union’s DPD and EC Directive, Australia’s Privacy Act, and the UK’s Data Protection Act, Freedom of Information Act.
  • Step through processes for conducting a comprehensive risk analysis and vulnerability assessments.
  • Review key contingency compliance requirements for developing the framework for disaster recovery and emergency mode operation plans.

Certification Roadmap

  • To be certified as a CSCS™, the candidate must attend the two-day CSCS™ training session delivered by ecfirst. For a list of scheduled dates and locations, please visit www.ecfirst.com.
  • It is strongly recommended that the candidate pass a major security certification exam such as CISSP, CISA or CISM or have equivalent knowledge and experience.

Target Audience

The complete two-day CSCS™ program is of value to compliance professionals and managers, information security officers, security practitioners, privacy officers, internal compliance auditors and senior IT professionals.

The CSCS™ Exam

The CSCS™ exam is delivered at the conclusion of the instructor-led 2-day program. The exam validates knowledge and skill sets in information security for the legislations, standards and frameworks delivered in class.

The exam comprises two parts, a practical session during which students work together in groups to solve real world problems using the skills learned on day 1 and a multiple-choice paper exam.

In the practical session, students will be divided into groups and given scenarios to solve, including evidence of real world issues such as information security breaches and regulatory noncompliance. The session is open book and students are encouraged to bring their own knowledge & experience to enhance the group performance as well as using research and collaboration skills to achieve the best results.

The practical session accounts for 25% of the overall exam score and will be marked in “real-time” during the group presentations. These scores will be pre-entered on the multiple-choice paper so that each student knows what they have to achieve from the second part of the exam.

The multiple-choice paper consists of 60 questions; time allowed: 60 minutes.

Examination Areas Percentage of Exam
US National and State Standards (FISMA, NIST, State Regulations) 15%
International Standards (ISO 27001, PIP, PIPEDA, DPA) 15%
Business Regulations (PCI DSS, SOC2) 15%
Healthcare Regulations (HIPAA, HITECH, ISO 27799) 15%
Cyber Security Strategy (Risk Analysis and Management, Business Impact Analysis, Business Continuity Planning) 15%
Total 75%

Scores from the practical and multiple-choice exams are added together and to achieve CSCS™ certification students must achieve an overall score of 75% or more.

CSCS™ exam questions are developed with the intent of measuring and testing practical knowledge and application of general concepts and standards in the area of regulatory compliance and information security. Every CSCS™ exam question has a stem (question) and five options (answer choices). The candidate is asked to choose the correct or best answer from the options. The stem may be in the form of a question or incomplete statement. In some instances, a scenario or description problem may be included.

Course Outline

Module 1: Introduction

  • State of Security
  • U.S. Requirements
    • SOC2

Module 2: PCI DSS

  • Objective
  • Control Objectives
  • Defined Requirements
  • Critical References

Module 3: Healthcare Information Security

  • Healthcare Security Challenges
  • HIPAA Security & HITECH Legislations
  • Administrative Safeguards
  • Physical Safeguards
  • Technical Safeguards
  • ISO 27799 Standard

Case Study: Risk Analysis

Examine compliance mandates for risk analysis. Analyze how to conduct a comprehensive and thorough risk analysis to identify compliance and security deficiencies. Walk through core components of the resulting Corrective Action Plan (CAP) – your roadmap for enabling a more resilient enterprise.

Module 4: ISO 27000

  • Introduction to ISO 27000
    • Information Security Management Systems

Module 5: ISO 27001

  • Introduction to ISO 27001
    • Security Domains

Module 6: ISO 27002

  • ISO 27002 Standard
  • Scope
  • Key Clauses, Categories and Controls
    • Definition
    • Requirements

Case Study: ISO 27001 Certification

Effective communication at all stages is vital to the success of the ISMS and achieving conformance/certification.

Module 7: U.S. Federal & State Regulations

  • California’s SB 1386 and SB 541
  • California’s AB 1950, AB 1298, & AB 211
  • Nevada’s 597.970
  • Massachusetts’s 201 CMR 17.00
  • Data Breach Challenges
  • Encryption Requirements

Module 8: NIST Standards & Guidance

  • Objective
  • Special Publications
  • Key Guidance References

Module 9: Business Continuity Planning (BCP)

  • Definition and Scope
  • Components of a Contingency Plan
    • Disaster Recovery Plan
    • Emergency Mode Operation Plan
  • Classification of Information
  • Classification of Threats
  • Types of Alternate Sites
  • Getting Started

Case Study: Conducting a Business Impact Analysis (BIA)

Step through key activities that organizations must conduct to complete a comprehensive Business Impact Analysis (BIA). Understand critical processes for a BIA initiative and identify areas that must be addressed in a BIA Report.

Module 10: Cyber Security Strategy

  • What is Your Security Strategy?
  • Enterprise Security Methodology
  • Risk Analysis
  • Getting Started

Case Study: Anatomy of a Policy

Understand the key components of a well written information security policy. Review sample policy types and organization.

Recognition for Other Security Certifications Earned

This is an excellent program for professionals that have earned credentials such as CISSP, CISM, CISA, Security+, MCSE, and CBCP.

CISSP, CISM, CISA, Security+, MCSE and CBCP certified professionals will find that the CSCS™ program adds significant depth to their knowledge of compliance requirements related to information security. These compliance requirements directly impact the security priorities and initiatives across all types of organizations and business.

Fast Track for CISSP/Security+/SCNA

The fast track is available only for CSCS™ students that attend instructor led training. ecfirst recognizes the breadth of security content that must be mastered to attain certain security credentials. Fast Track for the CSCS™ class means if you have another security credential, such as CISSP or Security+, you will still need to take the class but you will not have to take the exam to get the CSCS™ credential. It will automatically be given once you send the documentation that you have another security credential.

(ISC)² Members

As (ISC)² members participate in this two-day instructor-led program and pass the CSCS™ exam, they are then responsible to document their time as Continuing Professional Education (CPE), for registering CPEs. The CSCS™ program offers 16 CPEs for CISSPs.

Exam Fee

The Certified Security Compliance Specialist™ exam fee is $495.00.

Requirements for Maintaining CSCS™ Certification

CSCS™ must comply with the following requirements to retain certification:

  • The CSCS™ certification is valid for three-years. Recertification costs $495 and you will get an updated copy of the CSCS™ manual and a new certificate. If you do not renew your certification within the three year period you will be required to retake the CSCS™ exam and pay $495.

Revocation of CSCS™ Certification

ecfirst may, at its discretion after due and thorough consideration, revoke an individual’s CSCS™ certification for any of the following reasons:

  • Falsifying or deliberately failing to provide relevant information.
  • Intentionally misstating a material fact.
  • Engaging or assisting others in dishonest, unauthorized or inappropriate behavior at any time in connection with the CSCS™ exam or the certification process.

Training Options

The two-day CSCS™ program is delivered worldwide. Call ecfirst at +1. 480.663.3225 today to discuss details about locations and schedules.

CSCS™ program attendees may pursue additional career development with the Certified HIPAA Professional (CHP) program. Mention you have passed the CSCS™ exam and receive 20% off the instructor-led tuition fee for the CHP program.

On Site Training

Bring ecfirst training, certification and executive briefs to your site. ecfirst will customize the session to meet your specific requirements and time frames.

Reference Materials

ecfirst

ecfirst is passionate about developing and validating information security compliance knowledge. ecfirst, in business since 1999, was recognized as an Inc. 500 fastest growing privately held business in the United States in its first year of eligibility. ecfirst is an organization with deep hands-on experience in compliance and IT services.

ecfirst serves a Who’s Who client list of over 2,000 that includes Principal Financial, numerous hospitals including Edward, Sherman, Condell, BSA, Mercy, Northwest Community, Samaritan and many others. State and county governments that have been trained by ecfirst include the State of Oregon, Iowa, and Illinois. U.S. government agencies that have participated in ecfirst programs include the U.S. Department of Veterans Affairs, Air Force, Coast Guard, Homeland Security, Coast Guard and several others.

Disclaimer

This document is a guide to those pursuing the CSCS™ certification. No representations or warranties are made by ecfirst that the use of this guide or any other associate publication will assure candidates of passing the CSCS™ exam.

Disclosure

Copyright © 2006-2017 by ecfirst. Reproduction or storage in any form for any purpose is not provided without prior written permission from ecfirst. No other right or permission is granted with respect to this work. All rights reserved.

Contact Information

295 NE Venture Drive
Waukee, IA 50263, United States
Toll Free: +1.877.899.9974 x23
Cell: +1. 480.663.3225
Email: john.schelewitz@ecfirst.com
Web-site: www.ecfirst.com

Program Architect – Cyber Security & Compliance Expert

Pabari Thought Leadership

Pabrai-InfographicA

Certified Security Compliance Specialist™ (CSCS™) Testimonials

CSCS Logo

“One of the most informative classes I’ve ever attended. I really learned more than I could imagine.”
Mark Slivka
Edwards Business Systems

“Most informational class regarding HIPAA and Information Security Management that I have ever taken.”
Jimmy Bradley
BCBSAL

“Ian is amazing!”
Josh Grantham
Solera Health, Inc.

“It was great to learn with the group and have different perspectives from different backgrounds.”
Winson John
Delta Dental of Oklahoma

“The case study was awesome as it applied the skills learned to solve the case.”
Deepak Ohri
IBM

“I highly recommend others interested in understanding regulatory & compliance requirements attend this course.”
Al Backeris
KM/All Covered

“I really enjoyed the class and learned a lot in the two days of study.”
Miguel Oliva
UnityPoint Health

“I have very much enjoyed this class. I wasn’t sure where knowledge of compliance gaps may be and I now have serveral items to go back and look into closer.”
Charity Sharpe
UnityPoint Health

“Taking the CSCS course has exposed numerous areas that need improvement and review. The knowledge gained will be immediately applicable within my role.”
Todd G. Krajewski
UnityPoint Health

“A lot of information over 2 days. I enjoyed the practical exercise as it put what we learned into a real world scenario.”
Rich Hardyman
UnityPoint Health

“Received in-depth understanding of security laws, especially regulations of high importance in the healthcare industry.”
Ronak Thakur
AV Hospital

“All the material covered is very valuable and much needed in the industry. Thank you so much for making us aware of what we need to do to impact processes with our workforce in our organization. Thanks a lot.”
Ankit Pandya
AV Hospital

“Ali Pabrai teaches an excellent program. He’s thorough and his knowledge and experience is highly valued. A very informative program. Instructor and course rating: 10.”
Shami Brar
AV Hospital

“The strength of the course was the instructor, Ali Pabrai. Taking this program was highly beneficial to my career. Ali Pabrai is an excellent instructor with great knowledge of security and compliance. Instructor and course rating: 10.”
Adam Romo

“Retention is key for training. The pace and attitude of this program were both conducive to that retention. Upbeat, fast-paced environment. Instructor and course rating: 10.”
Clint Anderson
Little River Healthcare

“It is a learning curve for all of the students in the class (private). Ian has highlighted the topics and discussed in a detailed way how we can prepare for the worst case scenario. Overall it was an excellent class.”
Prabhu Bollu
St. Rose Hospital

“This course was better than I expected. The presenter and course material is very well designed.”
Himanshu Handa
St. Rose Hospital

“I want to convey my thanks for the CSCS class last week (Dallas, TX – Instructor-Led). It was an incredible experience and Ali Pabrai was a fantastic instructor. There is so much information to absorb but the pace wasn’t overwhelming and I came out with an exponentially higher amount of knowledge than going in. I don’t know that I can make that claim regarding many other classes I have experienced.”
Curt Schatz, MBA
NMHIMSS President

“Prior to this CSCS™ course I had little knowledge of security regulations that affected healthcare. After completing the CSCS™ Program, I have a very well rounded knowledge of what affects my business and understand what is needed. I can go back to my firm and feel confident in addressing risk.”
Aimee Bertrand
The Schumacher Group

“First rate information delivered by a top notch instructor, Ali Pabrai! If security compliance is a part of your responsibilities, you must attend this course.”
Curt Schatz
New Mexico Cancer Center

“It was great having an overview of several industries in one class. If you are working in a firm that needs to address several security regulations, this class is vital. It helps you understand the requirements and define your expectations for compliance.”
Dani Williams

“The CSCS™ training was very organized and the teacher was well prepared. Great information that will be useful for our company.”
Kristi Thibodeaux
The Schumacher Group

“Mr. Pabrai was very detailed and the class entertaining. He helped me with the understanding of PCI, ISO and other standards that I was originally not familiar with.”
Christopher B. Nash
Highland Clinic APMC

“Highly relevant, high informative class! Ali is a wonderful instructor and has a wealth of knowledge and experience in HIPAA and information security as a whole. This class is a must for any information security professional. Highly recommend!”
Lynn Gibson
East Keep Security

“This was a fast paced review of many security and compliance frameworks, including COST, NIST, PCI DSS and ISO. The CSCS™ Program was valuable to me as my organization is in the process of implementing a HIPAA compliance strategy. I can now enhance our chosen NIST framework with the best from ISO and PCI.”
Randy Surratt
Conceptual Mindworks

“The CSCS™ Program was excellent in that it covered a large volume of information very thoroughly in a very short period of time. Mr. Pabrai is a subject matter expert and was able to immediately answer any question presented.”
Ryan Heckman

“This has been a great class, very good Instructor with lot of knowledge on the topics.”
John Chou
Slalom Consulting

“Very detailed material.”
Sai Shankar
Slalom Consulting

“Gained valuable information in a very short span of time. Very well done ecfirst!!!”
Slalom Consulting Attendee

“Ali is a wonderful instructor, knowledgeable and was able to explain very technical, and sometimes confusing materials, logically that made sense.”
Slalom Consulting Attendee

“This course has given insight to security aspects and actual challenges that needs to be adopted in any organisation. Very informative facts and context shared. Definitely elated about the knowledge shared by Mr. Pabrai.”
Nikhil Ranjan Nayak
Apollo Hospitals Enterprise Ltd.

“The instruction and the training material were practical. I gained more knowledge in compliance by the way the Instructor delivered the content. My heartfelt thanks to Mr. Ali Pabrai and ecfirst for conducting such a wonderful training program.”
N. Sasikumar
EpiSource India Pvt. Ltd.

“Overall the program gave us good understanding about various compliance programs with global examples. The strength of this course is that is covers key areas and is very informative. This will definitely be useful as I continue my journey towards security and compliance. Thanks to Ali for presenting in an understandable manner.”
A.H. Mohamed Salish
EpiSource India Pvt. Ltd.

“The course is really very good and useful. Thank you very much for the course.”
T. Brindha VijayaNandhini
Pabrai India Pvt. Ltd.

“This course is very good with lots and lots of information on security and compliance. After finishing the CSCS™ program I feel it is going to boost my career in many ways and help me to get into the next level of my work. I am very impressed by Pabrai’s way of presentation. He made it easy for me to get into the subject area.”
Sunil Clement. K
QBSS

“When I go back to my work, I now better understand how and why security and compliance is important for an organisation. It was a very good launching pad for me personally. I would want to register for similar courses in the future with ecfirst.”
S. Neelakanth
EpiSource India Pvt. Ltd.

“Overall I found the course was very useful. Lots of learning and now the work starts for us to implement this in our organisation and also educate others in the industry on the importance on IT security. Mr. Pabrai explained it very well, especially, when there is significant course material to be covered in two days.”
Tapesh Kumar Agarwal
Meddiff Technologies

“It’s a wonderful training program covering the securities compliance regulations and standards. The way Mr. Pabrai provided the training was just awesome.”
R. Saravanan
EpiSource India Pvt. Ltd.

“This is one of the most valuable courses I ever attended. Further, the information provided in this course is the most valuable resource for me to support my current organisation implementing and sustaining the information security and compliance. This will definitely help me to explore more information related to the topics I learned in this course.”
Nanda Kumar
EpiSource India Pvt. Ltd.

“Ali presented the information in terms that I could understand and follow along with. There was a lot of information shared and the manual was well structured to follow and refer to.”
Brian Bille
Schumacher Group

“Presenter was enthusiastic and energetic. Great projection and involvement. Material very helpful and well laid out. Great session!”
Amy Frederick
Schumacher Group

“Very well taught class. Ali Pabrai was engaging and prepared.”
Jemmy Martin
Schumacher Group

“Offered a wealth of information and insight into compliance mandates.”
Kellen Flott
Schumacher Group

“The class was very informing and very well taught.”
Roderich Mcmiller
Schumacher Group

“Very informative. It was a lot of information in short time. I have a lot or reading to do.”
Junes Bron
Schumacher Group

“I felt like the course was very thorough and the instructor was extremely knowledgeable. He was able to cover the course material in time. We have much to build on with the information from this course.”
Giuseppe Setaro
Schumacher Group

“Ali and Lorna were fantastic at making a topic generally regarded as uninteresting, interesting. We covered over 700 pages of content in 8 hours so it did feel a bit high level and rushed. Overall the training was beneficial and terrifying.”
Brian Lavin
Schumacher Group

“I recently attended the CSCS™ class taught by Ali Pabrai. I am familiar with HIPAA, PCI and but it has been a few years since I worked in the PCI areas, so I was happy for a refresher.”
“Ali is a wonderful instructor, mentor and cheer leader. Although the class is 2 solid days of lecture, Ali was energetic, engaged and demonstrated his interest and care for his students throughout the class. He encouraged class discussion, while at the same time, keeping us on task to learn what was needed to pass CSCS™ certification. Although I was sceptical that I could pass on the first attempt, I was pleasantly surprised. I attribute my success to the many hints and tips Ali shared throughout the class..”
“I highly recommend this class to both the novice and experienced practitioner of compliance.”
Marcia Arrow, CISA, CISM, CSCS, CHP

“”ecfirst provides the most comprehensive overviews of HIPAA Privacy & Security that I have seen in my 10 years as a Privacy Officer. The training is not only thorough but relevant to today’s industry standard. ecfirst has the most up-to-date guidance on the latest regulations and publications within days of the release. Thank you ecfirst for challenging my brain and influencing my future.””
Elizabeth Fair 
Indian Health Care Resource Center

“I now understand information security and its impact it may have to the organization.”
Ron Motiram
Sentry DS

“Having attended other training events, I’m thoroughly impressed with both the instructor’s ability in keeping the class engaged and the consistent delivery of information. Made retention easier.”
Steven Waskey
Mid Florida Community Service, Inc.

“Course provided assistance with the many different security standards. This course is a great resource for knowledge and materials about information security requirements. Well worth the time and effort to complete.”
Karen Chrisman, Staff Attorney & HIPAA Privacy Officer
GOEHI

“A lot of information was delivered in a very short time. Trainer is knowledgeable, extremely articulate and also made the information very interesting. Thanks so much for a job well done.”
Denise Hart
Independent Contractor

“Although there was a lot of material covered, the CSCS™ course is presented in a very clear manner. It took the main points of the various, important standards and related them to other standards – not in a way that would imply one was better but in a way that implied organizations should base their actions and plans on the needs and acceptable risks of the organization.”
Robert Hillhouse
University of Tennessee, Knoxville

“This was an incredibly helpful and information class. Pabrai’s energy sure helps to get us through the intensity and pace of the class!”
Sandra D. Lindsey
University of Tennessee

“Many would consider compliance a boring subject but Pabrai has made it thoroughly exciting and cool. Go ecfirst!”
Terilyn Aichimayr
Denver Health

“I was hoping to find out what I didn’t know. Pabrai did not disappoint and apparently I didn’t know a whole lot. The CSCS™ course has given me a great foundation to build on.”
Donald F. Lee III, Director of Software Development
Algonquin Studios

“Every compliance and security professional should take the CSCS™ course. Be warned! You will be drinking from the fire hose for the very intense days.”
Keith Thibodeaux
The Schumacher Group

“Excellent two-day course. Good reference materials – will use again. Great presenter/expert. Thanks.”
Susan Cunningham
Kaiser Permanente

“Very useful class. Good review and preparation to take the final exam. Lots of class engagement.”
Robin Ornata
Kaiser Permanente

“Really enjoyed material. Instructor was knowledgeable and a delight. Great HIPAA Final Rule Summary. Logical, instructive and valuable class. Helped me associate various frameworks and regulations all in one sitting. This is a compliance wine tasting!”
Jill Wisemein
Kaiser Permanente

“Ali Pabrai was a very effective trainer of the CSCS™ program. I learned a lot and have taken most of the information to be used in my job role.”
Cora Durham
Kaiser Permanente

“I was surprised how much I learned in the 2 quick, yet thorough days of intensive learning. Excellent overview of regulatory compliance and security.”
Marcia Arrow

“Ali Pabrai was a very informative and knowledgeable instructor. Ali knows the material without looking to notes or books or the class. This is a nice to have in an instructor. You could hear his experience coming from his life, work examples, and instruction. Thank you Ali for allowing me and all of us to gain knowledge from you and through you.”
Jack Medford
Prime Healthcare

“Good information. Cram session. Helps that Ali Pabrai has a sense of humor to keep our attention to the terabytes of data being delivered.”
Martin Cardova
Centinela Health Medical Center (CHMC)

“Good presentation. Lots of information.”
Linda Cobbert
Prime Healthcare

“I appreciated the content of the CSCS™ course. Tools of books and slides were excellent. Presenter’s enthusiasm and atmosphere created was great. I had many take-aways in assessing my own environment. Thank you!”
Cindy Mullins
Saint Mary’s Regional Medical Center

“Ali explained about security, breaches, policies in the CSCS™ class. It was really very helpful to gain the knowledge.”
Sandeep Rademi
Prime Healthcare

“Ali was great and the information was delivered in a logical fashion in time.”
Sujeethnath Lingutla
Prime Healthcare

“The instructor, Ali Pabrai, was awesome. He made the class fly by. Very entertaining and I was actually able to retain much of the information.”
Monica Rendon
San Dimas Community Hospital

“Class had a lot of information. Instructor was great at keeping my attention. I felt he did an awesome job. The class went by very quickly and he provided a lot of information.”
Summer Guzman
Montclair Hospital

“A lot of great information. Great presentation.”
Yvonne Ramos
Prime Healthcare

“Good class.”
Don Carr
Prime Healthcare

“Ali’s enthusiasm for the subject of information security made learning the information pleasurable and memorable. He presents the information as living information, not dry facts.”
Catherine Mathis
West Anaheim Medical Center (WAMC)

“There was a great deal of valuable information presented. Good energetic presenter.”
Tammy Van Bockel
Prime Healthcare

“This course has made me aware of security issues that need to be in a plan to ensure security controls in our environment protect confidential information.”
Joe O. Leal
Prime Healthcare

“Presenter is very knowledgeable of subject. I appreciated references to specific applications within our organization (Prime). Very personable and approachable. This was a lot of information in a very short amount of time.”
Tamara Bradshaw
Saint Mary’s Regional Medical Center

“Thank you for excellent training of a complex topic. Very interesting.”
Marcella (Iris) Anderson
Desert Valley Hospital

“Felt the teacher was excellent.”
Mary T. Rogers
Roxborough Memorial Hospital

“Instructor was very good and knowledgeable.”
Mike Guglianoir
Prime Healthcare

“The presentation was first class and knowledge of content was informative. I would recommend this class as it provides relevant information to protect an organization and also provides individual professional growth. Best of luck my man. You were great!!”
Solomon Eboigbodin

“The class was very informative. Ali Pabrai is a great speaker who is knowledgeable on the topics he is teaching. The content was very good. He ensures the class understands the concepts.”
Tammy Deras
Desert Valley Hospital

“The class was very intuitive. The instructor took the time to explain each module clearly while continuing to highlight exam topics.”
Vik Mahan
Prime Healthcare

“Ali Pabrai is an excellent speaker.”
Patty Canter
Prime Healthcare

“CSCS™ is a very good program.”
Eraie Pino
Prime Healthcare

“The CSCS™ Program was very informative. Enjoyed the speaker and his presentation.”
Teri Murphy
Pampa Regional Medical Center

“CSCS™ is a great course. Very well organized and presented. Speaker Ali Pabrai has exhibited his wealth of knowledge. I am glad I was a part of the class. Thank you Ali for your time and for sharing the experience in relation to the subject and also for personally teaching the class. Very good sense of humor.”
Uma Mahesh, CISSP
Prime Healthcare

“Very good information and I understood why Privacy Officers should be aware. Ali Pabrai is a great speaker.”
Nancy Fett
La Palma Hospital

“The instructor was very knowledgeable about the content as well as a good presenter. He was able to disseminate a large amount of material in a fast paced, informative manner. Thank you Ali.”
Joy Patton
Prime Healthcare

“The class provided a great detail of information. Ali completed the class with high enthusiasm and wonderful attentiveness. I very much enjoyed the class.”
Barbara Barron
Lower Bucks Hospital

“Ali was very effective in providing accurate and applicable security information needed.”
Steven Kane
Lower Bucks Hospital

“The CSCS™ Program is very educational and well rounded. It moves at a fast pace. The instructor did a wonderful job at keeping everyone with him.”
Sarah Velez
Prime Healthcare

“I very much enjoyed listening to Ali Pabrai. Very funny and informative. It was a lot of information but his confidence in us and reassurance made it much more bearable. I enjoyed all the information and knowledge we obtained.”
Edelma Urquieta

“This was a very in-depth class. The instructor presented the information well.”
Jason Williams
West Anaheim Medical Center

“Presentation was very good. I learned a lot. Content is very detailed.”
Shari Mitchell
Dallas Medical Center

“Pabrai’s presentation style is excellent. His combination with subject mastery with humor keeps his students engaged and entertained. I would recommend this CSCS™ class to other colleagues.”
John Ware
HCA Healthcare

“I believe the CHP+CSCS™ training is an invaluable way to understand the policies and procedures behind information security. The emphasis on healthcare and government networks helped, as that is what my focus is. Thank you Lorna and Ali for facilitating my course of instruction.”
Ferdie Santos
Naval Special Warfare, U.S. Navy

“Ali Pabrai is an expert on these topics. Very well done. Enjoyed following slides in CSCS™ book. Kept material entertaining but still emphasized key points and ideas.”
Natasha Pabrai

“The CSCS™ course has given me an in-depth knowledge into IT security requirements, regulations and legal frameworks. I am responsible to impact my organization for security and protection of client information at hospitals and all departments/units. This is a very important course for us as a nation. I would recommend it to all countries in this region of Africa.”
Richard Kugre Gubillah
Ghana Police Health Service

“The CSCS™ course was very educational and the instructor, Ali Pabrai, was very resourceful. I recommend the Program to any organization in Ghana. The course content was very useful to me and my organization. It will help improve NHIA IT security.”
Foster Kofi Awudi 
National Health Insurance Authority (NHIA)

“Ali Pabrai is a very good instructor who took his time to teach us all that will help us become good security experts in our line of work. The CSCS™ Program is a very good program that educates all the participants about the current trend in information security worldwide. ecfirst must keep up the good work!”
Kwaku Kwabi Appiah
Ghana Health Services (GHS)

“Ali Pabrai has demonstrated that he is an experienced security expert. ecfirst has a good instructor in Ali Pabrai. It is my wish that such training be extended to other agencies in Ghana.”
Augustine Kwame Acheampong
Kemfo Anokye Teaching Hospital

“The resourceful person, Ali Pabrai, should be commended for the able manner he taught the various topics.”
Amadu Ali
National Health Insurance Authority (NHIA)

“After studying the book and the related documents on CSCS™, I found it to be quite difficult. However, after intensive instruction, I now have a full understanding of several security standards. It has fully opened my mind to security and especially security practices outside my country. Kudos to Ali. Kudos to ecfirst!”
Harmond Nii Sarkwah
Ghana Health Services (GHS)

“Ali Pabrai has been a wonderful instructor. He used his experience to make the CSCS™ course very practical and lively. He has a good sense of humor that sustained the interest of the class throughout the period. The instruction has laid a good foundation for the building of information security policy for the health sector in Ghana. The instruction was exceptional.”
Agyemang Karikari Marfo 
Ghana Health Services (GHS)

“The entire CSCS™ course although new in my domain, was very useful and will me in my career as a Certified Fraud Examiner. I have learned how information security is key to the success of any every assignment. This Program will help me a lot in my work.”
Emmanuel Kimpong
National Health Insurance Authority (NHIA)

“CSCS™ is a good course, though Ghana is not yet in tune. We hope to start in our own small way to address challenges in this area.”
Erica Edem Senayah 
National Health Insurance Authority (NHIA)

“I have been in IT for years but the CSCS™ Program has enlightened me on so many things about IT security that I had taken for granted. This has increased my knowledge and judgment to be wise about everything related to security to protect the organization I work in effectively.”
Emmanuel Abrah Adjei
National Health Insurance Authority (NHIA)

“The CSCS™ Program taught me the need to keep confidentiality and integrity of personal health information sacred. I now better understand why certain information must be secured with additional safeguards.”
Rebecca Akatue
National Health Insurance Authority (NHIA)

“The CSCS™ course is good. I recommend it for every organization that is concerned about protecting information about their customers.”
William Omane-Adjekum
National Health Insurance Authority (NHIA)

“This is a very good program to study.”
Appiah Sarfo-Kantanka
National Health Insurance Authority (NHIA)

“A very exciting course. Information is very valuable and practical. Despite the fact that the number of days (duration) for the course seemed limited, the information provided was extremely relevant to my occupation/profession. The instructor was very prepared and really knew what he was talking about. The CSCS™ Program is a very relevant course and one I would recommend to all professionals, whether in the public sector or private business.”
Nana Amoako Gyampoh-Kumi 
National Health Insurance Authority (NHIA)

“CSCS™ is a detailed information security program that will expose you to not only the basics in information security but also content to put you on the road to excellence. This is a real loaded course. I recommend all take this program. I consider Ali Pabrai as a very knowledgeable person in this field.”
Dennis Silsofe Kuame
National Health Insurance Authority (NHIA)

“A very useful and beneficial course that has created the awareness and the importance of security in relation to PHI and EPHI. The instructor delivered a good program and tried as much as possible to make the course simple. Thanks to Ali Pabrai. Thumbs up!”
Daniel Vava Akrobotu 
National Health Insurance Authority (NHIA)

“The CSCS™ course is a combination of all security standards and frameworks.”
Edward Buckman
National Health Insurance Authority (NHIA)

“Very much impressed with the wealth of knowledge that is very important to healthcare delivery. The ecfirst CSCS™ Program makes us better placed to address electronic information in healthcare.”
Eber Bradi –Not on my list
Ghana Health Service (GHS)

“I personally feel enriched with the CSCS™ information security program. I also like the instructor who made the training very simple, brief, and clear. I strongly recommend that it be a top priority for our organization.”
Isaac Atsyor 
Ghana Health Service (GHS)

“CSCS™ is a very comprehensive review of security compliance requirements across the spectrum of standards in use. Very helpful high-level overview.”
Francesca Lanier
State of Utah, Department of Health

“As a newly appointed Information Security Officer for Utah Department of Health, I found high value from the CSCS™ training program.”
Wu Xu
State of Utah, Department of Health

“Great value to non-IT specialist. Strength of course included clarity and content. Top notch.”
Doug Springmeyer, Assistant Attorney General
State of Utah, Department of Health

“Great overview and familiarization to varied security standards. Good place to get familiar with the security universe.”
Lyle Odendahl
State of Utah, Department of Health

“I believe this CSCS™ Program is needed for all business executives, not just security officers and IT staff.”
Dan G. Cook
State of Utah, DTS

“I would recommend the CSCS™ program to any company, government agency or other organization that works with confidential information.”
Craig Devashrayee
State of Utah, Department of Health

“Over the years I have had to deal with many security terms and found keeping up with them difficult. After taking Ali’s CSCS™ class not only are the terms and regulations more clear but I have a renewed outlook on securing my environment. Look out staff! Here I come to lock it down! Thanks Ali Pabrai for all the hard work!”
Matthew Evans
Managed Care Systems, California

“The CSCS™ Program contains a great deal of information concerning a wide range of regulations and best practices. I would recommend this class for anyone interested in security and regulatory compliance.”
Paul Dukich
Northwest Community Healthcare

“The CSCS™ class made a huge difference in my understandings of compliance requirements. I would recommend my co-workers attend this class with Pabrai. He is amazing. Great explanations.”
Rizwan Khan
Ace Hardware

“The CSCS™ course is all encompassing for all major standards for security. I would highly recommend all organizations to use these services and incorporate in your future security plans.”
Joel P. Bandy, MBA
Presbyteria Communities & Services

“Best instructor I have had due to the sheer volume of knowledge and experience. Course Rating: 10; Instructor Rating: 10.”
Student in Chicago CSCS™ Class, July 27, 2012

“I am just preparing to do a HIPAA privacy and security risk analysis at work. This has given me a wealth of information about how to commence and where to go for compliance references. I now have more than superficial knowledge of security concepts. Thank you, Ali!!”
Linda Meadows
Springfield Clinic

“Fast paced, informative and presented in a format that was easy to follow and understand. Presented with a lot of information in a short period of time.”
Joe Phillips
A.O. Fox Memorial Hospital

“Course material is excellent. Instructor was passionate and well versed in his knowledge of information provided.”
Attendee
CSCS™ Class, Orlando, Florida (January 2012)

“Class was great. Instructor was very knowledgeable.”
Joshua D. Brown
Pointer Law Office

“Class was very informative. Ali did a wonderful and thorough presentation of all material. I’m hopeful that this will be my building blocks for the future.”
Karen S. Abbott
Ozarks Medical Center

“Great learning experience. I can apply a lot of other compliance specifications to the more unspecific HIPAA regulations. I can answer, in more detail, some of my clients questions with more information and examples.”
Nicole Kramer
Mountain Pacific

“There was a lot of information in a very short amount of time. It was all very useful and helpful. The CSCS™ manual will provide to be a great resource for the future. Both Lorna and Ali are great presenters.”
Christopher Murphy
PNC Bank

“I like Ali’s training style and book layout – cleaner and easier to follow. Overall, I really liked the class and would give it a 9-10.”
John Dahl
FGS, Inc.

“Nice overview of international & domestic laws and standards, which impact the business of providing information security. Knowledgeable instructor on the topic, who included detailed information about other related topics and references.”Tameka Copeland
CareSource

“The instructor made the content exciting and fun which made learning exciting.”
Trend Micro Student

“Very in depth and vital course if you need to apply this to your business.”
Eddie Myers
CREST Services

“This course is a great framework for security of networks and systems in all businesses especially businesses with regulatory requirements.”
Sean Folweiler
Central Valley Collaborative

“Well structured and presented. Information on security was clearly delivered.”
Julie Kliewer
ACMC

“Lots of information. Well done Ali.”
Kathy Runyon
SCVHHS

“The course is comprehensive and well organized.”
“I enjoyed the classes. The instructor, Alan Yue, was extremely knowledgeable. He went above and beyond to educate and convey the information. He provided additional reading which would later allow us to tie this all together. He was very visual, which helped me a lot. The background of PM made it easier to follow his teaching. I went into the course with eyes wide open. I’m leaving with a sense of a purpose. I will use all this information and apply it daily.”
Fusha L. Roberts
Mays Homecare

“Quickest, most complete way to understanding HIPAA & security risk analysis for the HITECH incentive.”
David Halajko
VMS

“With all the rules, regulations, guidelines, and standards it is really difficult to find professional, authoritative, instruction on compliance issues. Alan Yue does an excellent job of helping to organize this for the students.”
David Ashley
Horne LLP

“A lot of good material; well-organized and presented. Ali did a good job making very dry material interesting. I really benefitted from the discussion about how the different frameworks compare and contrasted. Thanks for the opportunity.”
Alan Ogilbee
Maricopa Integrated Health System

“My experience taking the CSCS™ was many times worth the investment in time and resources. The broad and deep coverage of multiple compliance obligations made simple with a smart and comprehensive approach to security strategy and an integrated security program. This class is a tremendous value.”
Alan Yue
PreNetSys

“The CSCS™ Program is a great learning solution for security & compliance. The instructor was very informative, knowledgeable and patient in answering every question. Thank you for organizing this course, putting together and finding such a good instructor to teach. Richard is great.”
Uma Reddy
Prime Healthcare Services

“Richard and Ali are very knowledgeable in the material. The presentation was done at a very good pace, quick enough to keep me interested in the material. Thanks”
John Yohannan
Yampa Valley Medical Center

“Well delivered. Presenters were very well versed in the subject matter. If I‟m forced to learn something this dry, these are the people I want to learn from. I would feel comfortable using ecfirst in developing my security policies.”
Curtis Cooper
Pioneers Medical Center

“Great delivery of a complex and resource taxing topic.”
Dave Bingham
Aspen Valley Hospital

“Well presented and organized. Comprehensive. Excellent instructor.”
David Cabana
Southwest Memorial Hospital

“The program was very comprehensive and informative. I enjoyed the exposure to the content and see immediate benefit to my organization.”
Ron Hines

“The instructor presented the information on security and compliance with interest and excitement. The information was integrated into Business models so we could apply it to everyday scenarios. He also supplied great referenced and recommending books on business, project management and change implementation.”
Dana McGrath

“Overwhelming amount of information given in a short time. Done very well.”
Bernie Rice
Rangely District Hospital

“There is a lot of information delivered during this program. Though much of it is new to me, it would have been impossible to locate all this information on my own. This will help me in my career and in my challenge to keep my department compliant with all the new regulations and laws.”
Cherrell Cole
St. Mary’s Hospital

“I am very appreciative of the format of the presentation. It was very helpful to have each area outlined with steps for implementation. Both speakers were very knowledgeable and enthusiastic.”
Lorrie Danford
Community Hospital

“Richard did an excellent job. I feel quite comfortable that I could easily pass the exam.”
Pensacola Junior College

“Richard is an extremely knowledgeable instructor. Enjoyed his instruction.”
D. Bourassa
PJC

“Richard Thomas presented the material in a logical format. He is extremely knowledgeable in his area and very helpful.”
Pensacola Junior College

“Richard did a great job of relating this massive amount of information. He gave many real-world examples that brought the concepts home.”
William Norrish
City of Pensacola

“Richard was very knowledgeable! He delivered the content of this course in a logical, methodical way. I recommend that if this course be taught again, Richard is the Man!”
Pensacola Junior College

“Richard Thomas did an outstanding job of covering a large amount of technical information in a short 2-day format.”
Jim Drennen
Pensacola Junior College

“Thank you for imparting your knowledge on Security to our group. Richard was great!”
Donna Shumway
Pensacola Junior College

“Very knowledgeable instructor”
Katie Avril

“I thought the course was great. The instructor knew the material.”
Franklin Norgan
Lakeland Regional Medical Center

“This training was extremely comprehensive, thorough and detailed. A broad based overview of security compliance. Very intensive and helpful.”
David Young
SeniorLink

“Excellent program. Good content and delivery. Surpassed my expectations. Certainly achieved my objectives.”
Cheryl Charles-Duval, Esq.,
Attorney-at-law, CISSP

“Good information on many regulations. Tied different regulations together. Very nice job!”
Jeff Poole
Torchmark Corp.

“Ali covered areas that were just right in understanding critical areas in regulations for information security.”
Marlin Fischer
Krystal Air

“Uday Ali Pabrai conducted a thoughtful and detailed exposure to many regulatory influences affecting the compliance of information technology environments. He is enthusiastic and professional in his instruction. I recommend the CSCS™ certification program.”
James M. Farwell
Minneapolis, Minnesota

“Mr. Pabrai has a great deal of passion for security. I’m glad I was able to attend and take this course.”
Stephen E. Davis III

“The entire CSCS™ Program was very thorough and rigorous. It is very important to grasp all the knowledge base delivered in the class. The material is very important for the entire industry in order to effectively secure business vital assets.”
Vijay Prakash
Essex County Hospital

“The CSCS™ Program was great. Instructor did an excellent job of communicating material. I was pretty unfamiliar with the topic but still think I am coming along with a good understanding.”
Jessica Cherok
The Salvation Army

“Huge amount of information. Well prepared instructors. Would definitely recommend to colleagues at HP.”
Steve Andrews
Hewlett-Packard

“The CSCS™ Program was well presented and covered a lot of areas. Mr. Pabrai did an excellent job in breaking down every topic. I would highly recommend this course to anyone interested in security.”
John Rosas
Essex County Hospital Center

“A lot of great information. This lays the foundation to build on for managing IT security.”
Stephen Thibodeau
Rural Indian Health

“This has been a great course. Chris and Ali are both passionate about the subject matter. Content was complete.”
Kate Schafer,
VP Epocrates

“This is a very good program. I have a good background in information security, but not in compliance and regulations. Please keep it up!”
Emmanuel Chigbu

“Very good information. I came away with good ideas and plans.”
Greg Mejia
California Rural Indian Health

“Great class and material.”
Michael Howard
Hewlett-Packard

“Attending the CSCS™ program has helped me put all the different regulations and compliance requirements in perspective. Having all the information about them in one program and reviewing each one was very informative.”
Patrick Baba, CISSP

“The presentation by Pabrai was excellent. It was an awakening to step through threats to vital assets and sensitive information.”
Devesh Kumar Sachin All India Radio (AIR)

“Excellent speaker. Good condensed content. Overall a nice package.”
Dr. J. S. Sodhi
Amity Group

“An excellent delivery by Pabrai. An excellent program. Lots of information in just 2 days.”
Ashish Bhatnagar
All India Radio (AIR)

“The contents are no doubt exceptionally brilliant and comprehensive. Thanks. Look forward to a long association with your organization.”
Vishnu Kumar

“The content and presentation of this program was very good. It gives me tremendous information regarding cyber security and its implications.”
Sunny Joseph
All India Radio (AIR)

“Pabrai is a very knowledgeable person. Fantastic orator with in-depth knowledge. His expertise is required in India. Once he makes in-roads in the Indian market, he will not have time for the USA or other markets.”
Ashwani Kapoor
K. genix Biotech Pvt. Ltd.

“It has been a really enlightening 2 days. Pabrai is phenomenal in his knowledge and expertise of cyber security. There is enormous scope for the program in India.”
Anoop Girdhar

“Appreciate the effort by Pabrai. He possesses a very dynamic personality and an amazing energy! He has provided us with valuable information that will help us fight cyber crime in the future. Thank you so very much!”
Himanshu Mishra

“A highly informative and enlightening experience. I thoroughly enjoyed this class and look forward to making use of the information I absorbed.”
Steven Astley
Moorings Park

“The CSCS™ class provided a wealth of regulatory knowledge and industry best practices as well guidance regarding key information security objectives and responsibilities. This information will prove invaluable to my organization as we familiarize our security doctrine and theology. I also appreciated the vast knowledge and candid nature of the instructor with regard to their experiences with the industry.”
Rob Marti
Integris Health

“The CSCS™ course should be mandatory training for anyone sitting in a security officer role, in any size organization. The material is invaluable at shining a much needed light on the myriad of regulations and compliance requirements facing information security professionals today. Well worth the price of admission!”
Chris Letterman
State of Alaska

“This has been one of the most accurate and comprehensive training modules I have ever experienced. The content and delivery was thorough and organized well. I would recommend the course to all persons holding executive level positions in order to appropriately make decisions in regards to complying with regulations that impact their industry.”
Steve Payne
Integris Health

“Very informative class. Makes me realize how much work there is to do. Pabrai made what could very easily have been a boring course quite interesting and engaging given his dynamic personality.”
Calvin Ho
Erickson Retirement

“The class was very informative. I was able to put structure to concepts I was unsure of. Thanks Pabrai for your enthusiastic teaching.”
Jeff Hinton
CHRISTUS Health

“The CSCS™ class provided me with a great understanding of information security as it relates to ISO and business continuity. I will use the tools and knowledge I obtained through this class to implement an effective and compliant environment.”
Timothy King
HCA

“I learned more in 2 days of the CSCS™ program than I have in week-long courses I have taken elsewhere. My mind is filled with ideas of things to work on when I get back to the office.”
Bruce Tadlock
Children’s Medical Center of Dallas

“Lots of great information and well presented. Instructor was well prepared and organized. It is a lot to digest but the instructor left us with many reference documents to review that should supplement the information well.”
Eric Pennington
CHRISTUS Health

“Very good course. Thank you for your good work.”
Dan Kantak
State of Alaska

“Program delivers a wealth of knowledge which can be applied to the security practices of your organization regardless of what industry you practice in.”
Mark G. Fulton
Meritain Health

“The CSCS™ program is designed to live with you after the seminar. It provides resources for the rest of your career. Instructor is so inspirational and knows very well his subject matter. Who do I refer to this program? Only those I deeply love and care about.”
Francis Tanlah
Advocate Healthcare

“A very good overview of the major compliance laws, regulations, and frameworks. I came knowing very little, now I feel I know which way to start moving with security.”
Don Larson
Rush North Shore Medical Center

“The CSCS™ course was great and very comprehensive. I think that the coverage of multiple industries makes for a very well rounded understanding of security requirements. There are many good topics covered and ideas that can be incorporated into organizations I support.”
Paul Sliva
ICE Technologies

“I found the material in the CSCS™ class to be very educational, insightful and well put together. It is very useful to hear about regulations that affect businesses worldwide.”
Michael Wegner
Core Communications

“I found the course informational and useful. It will help me to refine our existing policies and procedures for information security. Ali Pabrai is very complete and entertaining to listen to. He presents a complex subject in a thorough and professional manner.”
Carl Wilburn
Carroll County, Iowa

“The CSCS™ program was very helpful in pointing out areas of potential weaknesses and will be a tremendous help to my job function.”
Ellen Hodge
CVS Caremark

“The training equipped me with skills and tools to manage the security issues of my institution’s network infrastructure. The training helped understand how to enable a much more resilient infrastructure.”
Samuel Quarshie
Ghana Health Service

“Invaluable program! I highly recommend the CSCS™ program to any person who is responsible for managing IT and has responsibilities that impact security, business continuity and disaster recovery. Very effective instructor.”
Binh Nguyen
University of California, San Francisco Medical Center

“Detailed exposure to issues of security which we had taken for granted. Hopefully, we will allocate more resources to issues of IT security and data confidentiality.”
Nathaniel Otoo
National Health Insurance Authority(NHIA), Ghana

“Very good information. Exposure to laws affecting the world of IT security.”
Leslie Scarborough
Hoag Hospital

“There was a lot of great information.”
Teresa Kopshina
Halifax Health

“Wow! I am overwhelmed by the amount of useful information I learned in the CSCS™ program. The presenter Ali Pabrai is excellent and very knowledgeable about the different regulations. I am sure that once I get back to my office I will be able to apply most of the knowledge acquired during the CSCS™ training. Thank you for the opportunity of sharing with others and learning from them as well.”
Paulo Pereira
Loma Linda University Medical Center

“Ali is very knowledgeable in all aspects of information security. It was a privilege to attend a course taught by such an experienced and competent security professional. I hope to take many lessons back to my organization.”
Corey Zeigler
Coulton-Potsdam Hospital

“The CSCS™ program was very useful and relevant to my sector, which is the health sector. The presenter was well prepared and was on top of issues. I wish to recommend this program to most sectors of the economy especially to the developing world where IT is getting a lot of visibility. Excellent program!!!”
Limuna M. Muniru
Ministry of Health Ghana

“Presenter knowledge was excellent.”
“The class was very informative. There was a lot of material to cover. The practice tests were very helpful.”
Nicole Rivera
United Healthcare – Prescription Solutions

“The program had a lot of information. There was good class participation. The program included emphasis on learning, summary, terminology and 2 practice exams.”
Karen Mihelic
Perot Systems

“Before attending the class I had no concept of ISO 27002. I know have a much better understanding of ISO concepts and standards.”
Cecil Miller, CHP
JHHA

“The course was very well structured. The delivery was fantastic. Security is usually taken for granted and have cost a lot of businesses dearly. The CSCS™ program opened my eyes to a new world of the state of information security. I will recommend highly.”
Ben Kusi
National Health Insurance Authority (NHIA), Ghana

“Great job. Great information.”
Corey Adams
MACT

“I enjoyed this two-day CSCS™ class. It was very informative. Pabrai is a great instructor. He is very knowledgeable and made it a very light atmosphere – while keeping things on track and moving along. He was able to answer all our questions, and give us ideas on how to make our infrastructure more secure. It was a fun class.”
Randy Whitaker
Aultman Health Foundation

“Detailed, organized delivery of the subject matter. Ali presents the information in an organized format, that helps you understand the underlying concepts in the curriculum. Excellent class.”
Harold Horne
United Indian Health Services

“Presentation was very informative. Thank you for keeping a very dry topic entertaining.”
Sasi Shifarraw
Aultman Health Foundation

“I was very impressed with the CSCS™ class. I have learned many things that will help me in my new position as well as the 16 CPE’s that will count toward my CISSP credential.”
Mike Radosevic,
CISSP OSF Healthcare Systems

“This course was enlightening. I had no idea of the number of regulations out there. The regulations were presented in a clear and organized manner that made them easier to digest.”
Joe Kirby
Red Hat, Inc.

“I was looking for a refresher on the regulatory landscape. I got that and much more. The regulations themselves are confusing, but I came out with a clearer picture of what they were and what they require. I now have a Chinese menu of resources I can use, even if I am not bound by that regulation.”
Kevin K. Smith
Nyemaster Goode, PC

“The training was comprehensive in covering the major legislations affecting several industries. Real world experiences was beneficial and relevant.”
Christine Kinyenje,
CISSP Lockheed Martin

“The CSCS™ course has been a very thorough and in-depth study of the fundamentals of information security in the industry and government, across the board. I have a much better and clearer understanding of how to implement security plans and procedures and their impact on business, government and my own privacy – after receiving this training.”
Lane Wade
Howard Technology Solutions

“I found the CSCS™ class to be very informative and educating, I give the teacher Pabrai an A+. He made the class very interesting and knows how to keep your attention.”
Larry Scheetz
Aultman Health Foundation

“Pabrai is an excellent teacher in the field of information security. I am sure his instruction will be valuable as we move towards a more secure environment.”
Barbara McGill
Aultman Health Foundation

“The CSCS™ class is very good and covered every aspect of what is required in today’s healthcare and business world. It addressed the many different industries and their security requirements so that we have a better understanding of what is required for integrity and security of protected information. I especially liked the module on contingency planning and disaster recovery.”
Terry Andrews
Aultman Health Foundation

“I learned a lot about security and compliance. Hopefully, we can get a team together at Aultman and work together to get us fully compliant with regulations such as HIPAA and PCI that impact us. Pabrai has a great personality. You livened up the class with your sense of humor.”
Linda Osentoski
Aultman Health Foundation

“Very informative. Lots of information to absorb. Identified the areas that require great significant improvement. Thanks.”
Tina DeJane
Aultman Health Foundation

“The information presented was very thorough. Ali’s knowledge of the subject matter was impressive. Not all of the information presented will be useful in my current employment, but may be in the future.”
Doug Olin
Innovative Solutions

“Great class. I would recommend it to others.”
“Instructor was very engaging.”
“Excellent presentation. Demonstrated depth and knowledge as well as broad understanding of issues facing organizations today. I gained a lot of useful information. Excitement is key!”
T. Shawn Knisely
Aultman Health Foundation

“I found the CSCS™ class to be very useful. It was taught with passion and was entertaining while informative. Would definitely attend another class by this teacher. I would recommend this class.”
Brian Linerode
Aultman Health Foundation

“The class was excellent. Very comprehensive. My primary responsibilities include the creation of security policies and business continuity plans. The information covered in the class will be of immediate benefit to me, my company and our clients. Thank you!”
JoDee Pederson
3SG

“This is an extremely comprehensive course that covers the main security frameworks. The key to success of the proper implementation of the security standards is to not only comply with the standard for your industry, but also integrate the best practices of others.”
David P. Spaker II

“I enjoyed the class very much. It was very informative. The presentation made the topics very clear about regulatory and compliance requirements across industries. Information provided is very helpful for research.” 
Frank Wong
City of Los Angeles, California

“Ali is a terrific presenter. I thoroughly enjoyed the course and his in-depth knowledge of all of the material. I am recommending the CSCS™ program to several of my co-workers.”
Steve Garcia
Vemics, Inc.

“Ali is an extremely knowledgeable and a skilled presenter of IT security and compliance methodologies across multiple industries and frameworks. He kept the class interested, engaged and wanting to learn more.”
Michael W. DeGraff

“The training session was interesting and we now have a clear picture about different security standards and frameworks. We were also exposed to different compliance requirements from various countries for information security.”
Rajitha Baswaboina
Zayata India Pvt. Ltd.

“Pabrai was very knowledgeable. Great class.”
Patrick Harrison
Revolution.com

“Good training! I learned so much new knowledge and security and compliance.”
Ken Lee Chow
ITCHI, Inc.

“The CSCS™ class provided a great overview of the requirements and definitions for many regulatory requirements. It is a must-do for every security professional to use as reference as their business/agencies grow.”
Kari Garland
Riverside County, California

“Extremely comprehensive program giving one the advantage point of understanding security from all unified industries and then to be able to apply it to others. Program is thought provoking. Enable the participant to take the concept and think of areas that they need to focus on to make their environment/organizations better.”
Brian Lane, Vice President
American Hospital Association (AHA) Solutions

“I’ve learned so much from the CSCS™ class. The content of the program was very helpful for me to understand the concepts of so many different regulations and legislations. Great class!”
Anson Fong
City of Los Angeles, California

“This was an excellent class. Finally, a program that encompasses all regulations an organization needs to be aware of and consider when conducting their business.”
Jeff Bontsas
Ascension Health

“A lot of information covered in a clear and easy to understand manner. Instructor shared real life situations to better understand certain scenarios.”
Tony Grevich
ITS

“The class was extremely informative and entertaining. I have never learned so much in so little time.”
Matt Hendrickson
Onsite Computer Solutions

“Ali taught with excitement and gave direction and information on subjects that could turn any dry desert into a rain forest. Knowledgeable, informative and having a passion to share his assets of compliance are but a few traits that make this course exciting, enjoyable and fun. Thanks Ali!”
Jason Havelock
Gotham OHC, Inc.

“This program is excellent and I will refer my friends and business partners to attend the course in the future.”
Gopal R. Gangireddy
WorldTech USA, Inc.

“Loved this program. Ali is a fantastic instructor. Thank you.”
Cynthia Stark
Cascade Healthcare Community

“Awesome presentation. I’ve learned a lot in a little time. I’m in application development and was enlightened and empowered by the information and detail of topics presented. The actual documents referenced will be very helpful in designing more secure and compliant applications.”
Shayne Blevins
Rockford Health Systems

“The course is something very exciting. It gives me the opportunity to learn how we may lose critical information and how to develop appropriate security safeguards to protect the same. The subject covered was very comprehensive and the instructor is well versed on the subject based on his knowledge and vast experience. I will recommend to management that our IT Manager and others attend this course.”
Daniel M. Manuel
Moylans Insurance Underwriters, Inc.

“The CSCS™ course was out of my range of experience since I have no IT background. Ali presented a well prepared presentation that gave me a greater understanding of the subject matter as well as practical application suggestions. He was a great presenter/trainer and I appreciated his talent and humor.”
Debby Fencil
Familylinks, Inc.

“Ali delivers his message in an engaging manner that keeps interest from the audience. References to other sources of information are always given should someone want to delve into the subject in further detail.”
Joe Granneman, CISSP, CHSS, Chief Security Officer, Chief Technology Officer
Rockford Health Systems

“The information presented cleared up some of the issues regarding what is required and how to begin compliance. The presenter kept everyone’s attention and presented the material in a fun way. The class was well worth the time and I would highly recommend it.”
Mike Lindstrom
Rockford Health Systems

“Ali is a great speaker. Very knowledgeable about the subject he was speaking on. He was excited and passionate about the information he presented and he has a good sense of humor.”
Adam Stahl
Rockford Health Systems

“The course material was quite interesting and relative to my area. I didn’t realize how much detail there was in regards to regulations, Security, ISO…..very informative. Ali is the expert and has a better understanding of information security.”
IT Staff Member
Rockford Health Systems

“Program was very good. Presenter was very knowledgeable about subject and passionate about security.”
Brian Akey
Rockford Health Systems

“Program was a very good overview of the different policies and procedures that are involved with regulations. It gave a good insight into information security, privacy, and data protection. It made me aware of many different data protection policies and templates.”
Shawn David
Rockford Health Systems

“Ali was a fantastic presenter and I enjoyed the seminar very much. The information given to myself and my co-workers will be very useful in the future.”
Morgan Loewecke
Rockford Health Systems

“The information presented today was very valuable to my current work efforts within the IT environment at Rockford. The information was very well organized and presented in a clear format.”
Deb Esparza
Rockford Health Systems

“Ali is very passionate about his material and is extremely knowledgeable. His presentation provided me with quite a number of new regulatory items I was not aware of. I hope he can present future programs to us.”
Tim Naami
Rockford Health Systems

“The information was very valuable. I think we have a long way to go.”
Angela Hyser Rockford Health Systems

“The CSCS™ program was very detailed. Ali went through the material at a good pace. Ali kept the class on track and focused.”
John Herlugson
Rockford Health Systems

“I appreciate the time taken to cover this complex subject. I enjoyed the class and the detail information on compliance. I will be focused on our network system to bring further security and compliance to it.”
Jonathan Ballard
Rockford Health Systems

“A lot of info covered in a short amount of time.”
Cory Gehrke
Rockford Health Systems

“Ali was a good speaker, liked jokes, and kept attentive. A lot of material covered in short period.”
IT Staff Member
Rockford Health Systems

“I thought that the presentation was put together very well. Ali clearly knew the ins and outs of security. He was very energetic about this topic and gave clear concise answers.”
Kris Johnson
Rockford Health Systems

“Ali did a fine job of presenting the information.”
Shawn McCoy
Rockford Health Systems

“I was very comfortable in HIPAA. The other information received was very informative and enlightening. My position is Clinical Computer Training Specialist.”
Darrell W. Carter
Rockford Health Systems

“It was interesting and I learned about a new alcoholic beverage. What is better than that? B52!!!”
Lu Ann Balch,
RN Rockford Health Systems

“Excellent overview of material and well organized. Presented in a concise, understandable format.”
Barb Johnson
Rockford Health Systems

“Ali Pabrai is well versed in a multitude of laws, regulations and standards. If your organization must comply with information security requirements, you will do well to take the CSCS™ course.”
Tony Lewis
Intuit, Inc.

“A lot of info in a short time. Many acronyms. Things we have discussed about regulations in more detail, makes me understand how important it is to be ready for any kind of disaster. Very good speaker-not boring! Very informative, very passionate about his work.”
Carmella Kane
Rockford Health Systems

“The information was very valuable to our organization and we could benefit from extended training and review of our documentation as to where we are with all of these processes.”
Lory Brantley
Rockford Health Systems

“I thought that it was very good and I got a lot out of it.”
Ron Scott
Rockford Health Systems

“Explained that there is more to regulations than I knew.”
Gary Henderson
Rockford Health Systems

“I was very comfortable in HIPAA. The other information received was very informative and enlightening. My position is Clinical Computer Training Specialist.”
Lu Ann Balch, RN
Rockford Health Systems

“Slides good. Explanations good; good comparisons between different legislations. Especially appreciated ‘live’ examples.”
Terrie Edwards
Rockford Health Systems

“CSCS™ Program is very good. Presentation was good and presenter was very knowledgeable about subject and very passionate about security.”
Brian Akey
Rockford Health Systems

“Good instructor. Knowledgeable about subjects covered.”
Mark Diaz
Intuit, Inc.

“Attending the CSCS™ program really gave me more detailed knowledge and understanding of the rules, regulations, and laws of my career field. It opened my eyes to see exactly how my organization compares in the application of the IT rules and regulations and best practices.”
LaDonna Webb
Trace Security, Inc.

“Great course, great instructor. The information given at the course will definitely help me in future work.”
Alex Pilijuzov
Intuit, Inc.

“After taking the program, I gained more knowledge in those 2 days than I did taking years worth of classes at my local community college.”
Rick Blanford

“Having no security background I found this program to be very informative and well organized and presented. The program took a very complex subject and made it understandable in a short period of time.”
Peter Savarese, President
Compliance Counsel, LLC

“This class really provided very good coverage of the numerous compliance regulations and laws that are impacting businesses. I would recommend this class to anyone that is responsible or involved with information security in their organization.”
Kevin Westby
Blessing Hospital

“Excellent curriculum. Excellent instruction. Absolutely one of the best classes I have attended. I am looking forward to my next class with ecfirst. Ali is definitely one of the best instructors I have ever had – definitely among the top three.”
Casey A. Pitts
Humility of Mary Health Partners

“The course material was very detailed and will provide good reference material for future compliance projects. The instructor was very knowledgeable and passionate about the information that he covered in class. I learned a great deal of information in a short time.”
Bill Kelty
Sherman Hospital

“I was very pleased with the training materials that were provided. In general, the hardest part was keeping the different pieces of legislation straight, since they are so similar. That was a part of several questions where I knew the content of what the question was asking, but had trouble choosing the terminology. I think this was a good experience, and I’m looking forward to the HIPAA class.”
Steve Currie
Ernest & Young

“Enthusiastic presenter. Keeps participants engaged in subject matter. Good technical content.”
Kim Ries
Ernest & Young

“The CSCS™ class was very informative and pertinent to the key items faced today in the IT security world. Ali Pabrai was very knowledgeable and a very strong presenter. I enjoyed the structure of the class and the format it was delivered.”
Bob Ranalla
Ernest & Young

“Made the (dry) material as entertaining as it could be.”
Janet Rudie
Ernest & Young

“Thank you for covering across all the relevant and important regulations as they relate to security. The training was very concise and prescriptive. It was a well taught out interpretation across all regulations.”
Karl Anderson
Ernest & Young

“This 2 day class was well prepared and provided us supporting documentation. Our instructor was well prepared and able and willing to answer our questions.”
Michael Ranalla
Ernst & Young

“The instructor was excellent at making the content come alive and make a rather mundane subject area interesting. The content, PowerPoint presentations, data sheets and supporting material were extremely helpful. They were to the point, specific and very helpful.”
Fayaz Jatter
Ernest & Young

“I did enjoy the presentations and I thought the content was good!”
Cynthia Lee
Ernest & Young

“The CSCS™ course is an effective mechanism to inform IT professionals of the regulations that encompass IT security. I enjoyed the course!”
Jonathan Harrell
Trace Security, Inc

“This course was a great experience. I’m impressed with the format, instruction, and way ecfirst boiled the complexity down.”
Anonymous
Chicago Public Class 2010

“The ecfirst CSCS™ Program is an essential resource to any organization that takes security seriously.”
Josh Baker
ThinAir Data Corp

“Lots of information in 2 days. However, well represented. Learned information to take back home. All in all a great class.”
Anonymous
Chicago Public Class 2010

About Ali Pabrai

pabrai-photo

Ali Pabrai, MSEE, CISSP (ISSP, ISSMP), CCSFP, Security+, a cyber security & compliance expert, is the chairman & chief executive of ecfirst. A highly sought after professional, he has successfully delivered solutions to U.S. government agencies, IT firms, healthcare systems, legal & other organizations worldwide. Mr. Pabrai served as an Interim CISO for a health system with 40+ locations in USA. Mr. Pabrai has led numerous engagements worldwide for ISO 27001, PCI DSS, NIST & HIPAA/HITECH security assessments.ecfirst is an approved HITRUST CSF assessor & a PCI Qualified security Assessor.

Mr. Pabrai developed a signature security methodology called, bizSHIELDtm. The Seven Steps to HIPAA Security. bizSHIELDtm today provides the framework for many security and compliance initiatives at client organizations worldwide.

Mr. Pabrai was the creator of the world’s most successful Internet skills certification, CIW. Mr. Pabrai also established the industry’s first certification program on HIPAA – Certified HIPAA Professional (CHP) and Certified HIPAA Security Specialist™ (CHSS™). He also launched the Certified Security Compliance Specialist™ (CSCS™) program.

Mr. Pabrai is the co-creator of the Security Certified Program (SCP) – a program approved by the U.S. Department of Defense Directive 8570.1M and one of the industry’s most comprehensive hands-on information security certification programs.

Mr. Pabrai has presented passionate briefs to tens of thousands globally, including the USA, United Kingdom, France, Taiwan, Singapore, Canada, India, UAE, Africa, Saudi Arabia, Philippines, Japan & others. Conferences Mr. Pabrai has been featured at include HCCA, ISACA CSX, HIMSS, InfraGuard(FBI), ISSA, HIPAA Summit, Google Privacy & Security Summit, Microsoft Tech Summit, Internet World, DCI Expo, & dozens of others. Mr. Pabrai is the author of several Published works.

He has delivered fast paced, high energy briefings in many cities worldwide including Jeddah, (Saudi Arabia); New Delhi, Bangalore, Chennai and Mumbai (India); Tsukuba City (Japan); Dubai, Abu Dhabi (UAE); Karachi and Lahore (Pakistan); London (UK), and across the United States. Mr. Pabrai’s clients have included hundreds of hospitals, long-term care facilities, Kaiser, Microsoft, Kemin, Ernst & Young, Elkay, Intuit, Pella, Principal Financial, U.S. Naval Surface Warfare Center, U.S. Defense Intelligence Agency, U.S. Department of Veteran Affairs, as well as numerous federal, state and county governments.

His career was launched with the U.S. Department of Energy’s nuclear research facility, Fermi National Accelerator Laboratory, in Chicago. During his career, he has served as Vice-Chairman and in several senior officer positions with NASDAQ-based firms.

Mr. Pabrai was appointed and servers as a member of the select HITRUST CSF Assessor Council. Mr. Pabrai is a proud member of the U.S. InfraGard (FBI).

He can be reached at Pabrai@ecfirst.com or at +1.949.528.5224.

Control your excitement!

Shop Online CSCS™