ERMProtect, a leading cybersecurity firm, today announced it has been
certified as a PCI Forensic Investigator (“PFI”) by the Payment Card
Industry Security Standards Council. The coveted certification, held by
only 20 firms worldwide, makes ERMProtect one of the few providers of a
full range of payment card industry risk solutions.
PFI-certified firms are authorized by the Council to conduct forensic
investigations of credit card data breaches. Prior to obtaining the PFI
designation, ERMProtect already had obtained certification as a PCI QSA
(Qualified Security Assessor), enabling the firm to assess whether
organizations comply with evolving Payment Card Industry Data Security
Standards (PCI DSS).
Founded by the major credit card brands in 2006, the Council is a global
organization that maintains, evolves and promotes Payment Card Industry
standards for the safety of cardholder data across the globe. It also
sets standards and certifies Information Security companies and
professionals that help organizations secure payment solutions.
ERMProtect’s recently won certification as a PFI solidifies the
22-year-old company’s place in the top tier of Information Security
companies in the United States. To obtain the certification, ERMProtect
submitted to a robust review by the Council of the company’s processes,
standards and personnel.
“Our company has performed more than 40,000 Information Security
Assessments and Investigations in our 21 years in business,’’ said
company founder Silka Gonzalez. “The PFI certification, added with our
existing credentials, assures clients that are getting the ‘best of the
ERMProtect also announced that Judy Miller, a former Managing Director
at Kroll, achieved the individual PFI certification. She co-leads the
forensic practice along with Esteban Farao, who has led complex IT
security assignments in Europe, Latin America, Mexico and the United
States for more than 20 years.
ERMProtect, founded in 1998, offers solutions to address both the
technical and human vulnerabilities that lead to data breaches. Our IT
security services include policy development, compliance assessments, IT
security implementation and remediation, digital forensics, and security
awareness training. This across-the-spectrum and long-standing
experience in the security sector enables us to serve as a full partner
in our clients’ IT security.