EC-Council Successfully Completes its First Ever Global Partner Conference in India

Hyderabad, Dec 1, 2012: EC Council, one of the leading certification organizations in the world wrapped its first ever Global Partner Conference (EGPC) in India in Hyderabad on Dec 1st ’12. The event held at Taj Deccan, saw partners from across the country come together for an engaging, learning and interactive session with the management team of EC Council.

Present at the event from EC Council were- Jay Bavisi, President, Sean Lim, VP and Akash Agarwal, Country Manager- India along with the entire India team.
The sessions for the evening ranged from the changing technology trends and the security requirements in the post PC era and EC Council’s plans for taken up by Jay and a session by Sean where he explained the various marketing and sales activities planned for the coming year.
Suggestions were made by the EC Council team on how Partners could maximize their reach, growth and education initiative in 2013 and solutions were provided for queries about EC Council’s courses, future plans and the upcoming activities in the coming year. Best practices were shared amongst the partners and they were full of enthusiastic questions, suggestions, appreciation and feedback that made this event worthwhile.

Speaking about the event Jay Bavisi, President, EC Council said, “The Indian market is a priority for us in terms of the opportunities and market potential. With our globally adopted courses, we hope to provide secure solutions to support organizations in their mission critical business needs that continue to grow. Our partners are an integral part of the EC Council family and interacting with them has been an extremely enriching experience. We now understand the market needs better and they understand the EC Council offerings better than before and we hope that together we will be able to make the Indian market a more cyber secure environment in the global scenario.”
We are excited to make EGPC a regular feature and an event that brings together the entire EC Council community, the day was wrapped with numerous fun activities and prizes, certificates and awards up for grabs.

About EC Council

EC-Council (International Council of E-Commerce Consultants) is world’s largest certification body for Information Security professionals. EC-Council is a member-based organization that certifies individuals in various information security and e-business skills. It has been certified by American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs. These programs are offered in over 92 countries and over have trained over 120,000 & certified more than 60,000 security professionals through a training network of over 500 training partners globally.
For more information please visit http://www.eccouncil.org/about_us.aspx
Catch a few glimpses of EGPC ‘ 12

Media Contact:
Mail To: marketing.india@eccouncil.org


Times of India – EC-Council to set up 500 seater training centre


EC-Council Launches Information Security Awareness Program

With an aim to educate budding security professionals, EC Council partners with education institutions across India, starting with Hyderabad

Hyderabad– 28th January, 2013 – EC-Council, one of the leading certification and training organizations in the world has launched its Information Security Awareness Program in India starting with Hyderabad.

This initiative by EC Council is well timed as Frost & Sullivan reported that nearly 80 percent of Indian business enterprises have reported data theft through online hacking. According to a recent Norton by Symantec report, of the total 137 million Internet users in India, 42 million have fallen prey to the cyber fraud in one way or the other. The financial loss per cyber-crime victim is around Rs 10,000 for 2012.

Keeping all of the above in mind, with an aim to educate young students and budding professionals about the hazards in cyber security and the menace of cyber threats, EC Council has launched this ongoing initiative, partnering with numerous colleges, universities and institutions across cities in the country.

Kick starting this program in Hyderabad, EC Council has partnered with Mahatma Gandhi Institute of Technology to talk about the perils of cyber threats with students of the CSE and IT Department and the faculty of the College.

Talking about this program, Mr. Jay Bavisi, Global President, EC Council says, “India is in urgent need of cyber security education. With the number of attacks and vulnerabilities on a rise, organizations and all security professionals need to know how to safe guard themselves from malpractices that can put their company at risk. With our globally adopted courses and trainings, we hope to educate these budding professionals so they are equipped to support organizations in their mission critical business needs that continue to grow. With this program we wish to make the Indian market more secure in the global cyber space.

Speaking at the event, Dr. G. Chandra Mohan Reddy, Principal, Mahatma Gandhi Institute of Technology said, “We see the benefit in this Awareness Program and the multiple ways in which our students will benefit from this. As an institution our goal is to provide world class education and empower the students with skills that will benefit them in the long run personally as well as professionally. We are glad EC Council has initiated this Program and would like to thank them for the knowledge imparted to our students and faculty.”

The EC Council Information Security Awareness Program is a platform for students preparing to be a part of the cyber world to meet, learn and plan together to secure the information security landscape of the future. The program is a combination of a series of seminars, talks, workshops, and events in which students and professionals are educated on topics such as cyber security, secure programming, hacking, cyber warfare, etc.

About EC Council

EC-Council (International Council of E-Commerce Consultants) is one of the world’s largest certification bodies for Information Security professionals. EC-Council is a member-based organization that certifies individuals in various information security and e-business skills. It has been certified by American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs. These programs are offered in over 92 countries and over have trained over 120,000 & certified more than 60,000 security professionals through a training network of over 500 training partners globally.

Individuals who have achieved EC-Council certifications include those from some of the finest organizations around the world such as the US Army, the FBI, Microsoft, IBM and the United Nations.

For more information about EC Council, visit www.eccouncil.org.

Media Contact:
Mail To: marketing.india@eccouncil.org


EC-COUNCIL AUTHORIZED PARTNER, ITERA LAUNCHES THE FIRST SECURE PROGRAMMING COURSE IN SPAIN

January 1st 2013, Madrid:   EC-Council authorized training partner, ITERA Processing Consulting creates history in Spain by becoming paramount pioneers to launch EC-Council Certified Secure Programmer (ECSP) training in the region.

ITERA delivered the training to the focal mainstay of Spain’s vanguard of online banking communication security and the leading online bank namely “Selfbank.”
Owing to the exponential growing threat to financial and economic industries globally, Selfbank has taken the initiative to inculcate upgraded and more sophisticated security skills within their system to protect themselves against cybercrime and ensure that their client’s operations are highly secured.

This ECSP training has placed Selfbank at the forefront, in terms of qualification of their team, to fight against cybercrime since the very beginning of the development of their products and services.

http://www.eccouncil.org/news/wp-content/uploads/2013/01/ITERA-LAUNCHES-IN-SPAIN.png


Global CISO Forum Announced in Wake of LinkedIn Breach

EC-Council is launching the Global CISO Forum to address the increasing demands faced by top-level information security executives. The IS landscape has never been so fraught with attacks as evidenced by the recent LinkedIn password fiasco or by Google sending warnings of state-sponsored attacks to gmail account holders. The Forum, which will take place in conjunction with EC-Council’s premier IS conference, Hacker Halted, will focus on bringing together CISOs from around the world to discuss how the constantly changing security challenges affect the day-to-day lives of CISOs from the largest and most prestigious organizations. A few of the topics to be discussed will include integrating wargames into security strategies, recruiting, training, and managing superior security teams; data loss prevention; as well as internally branding and integrating a security program while aligning it with business objectives.

The diversity of topics that will be covered hint at the breadth of issues with which an average CISO must contend in order to succeed at keeping their organizations’ data safe. “The cybersecurity war is becoming more complicated by the day.” says Jay Bavisi, President of EC-Council. Mr. Bavisi went on to say, “EC-Council’s Global CISO Forum is an event that aims to bring together the world’s best and brightest CISOs to unite against the hackers and share information.”

One reason for continued breaches, according to the recent Wisegate report, could be the changing role CISOs are playing within their organizations. The report documents how CISOs are now more than ever being charged with an ever-expanding suite of responsibilities ranging from managing the conflicts that arise from the differing goals of IS and business development, to developing privacy policies and disaster recovery plans. The Global CISO Forum aims to address these challenges, partly through formal panel-based discussions, but also by bringing together the top minds in the CISO world and encouraging an atmosphere of best practice sharing.

One aspect of the fight for information security that’s long been observed in the industry is the tendency for “the bad guys” to do a better job of information sharing than the guardians of the world’s information. According to Dave Cullinane, CISO at eBay, “Continuous process improvement is happening on the dark side. Our adversary is sharing information quite effectively. We are not. We must begin immediately to do so – and do it far more effectively than ever before. We need to shift the balance of power back to the Good Guys.”

For more information and inclusion in the Forum, interested CISOs can apply to attend here: http://www.eccouncil.org/resources/ciso-executive-summit.aspx.

Read the full story at http://www.prweb.com/releases/2012/7/prweb9675634.htm

To read more please click HERE


CISOs To Huddle In Wake Of LinkedIn Breach, Gmail Warnings

The EC-Council invites security chiefs to get together before Halloween and decide how to bedevil their adversaries.

The EC-Council, the body behind the Certified Ethical Hacker certification, will convene a Global CISO Forum in Miami on Oct. 29 and 30, open only to a limited number of senior information security executives, to discuss a security landscape that is increasing in complexity and alarming Internet users. Apparently, when attackers start ripping off and decrypting large caches of LinkedIn’s hash-encrypted passwords and state-sponsored attacks are a big enough threat to Gmail users that Google has to issue warnings, it’s time for the world’s CISOs to huddle.

The summit, scheduled in conjunction with the EC-Council’s IS conference, Hacker Halted, will gather CISOs from the world’s “largest and most prestigious” enterprises to talk about how these types of extreme events affect their companies and what to do about it.

But what can a forum like this do to prevent data breaches? For one thing, it provides a venue for the exchange of ideas and information. For a long time, attackers have been well-organized and shared information freely. “But due to proprietary, governmental and other borders, we guardians of information do not share information as well as they do,” says Amber Williams, manager of strategic initiatives at the EC-Council. “This forum is designed to promote exchange of ideas and discussion, with six to seven experts per panel topic who will elicit a lot of responses from the audience as they go along.”

That’s all well and good, but, according to Danny Lieberman, CTO of Software Associates, most CISOs and infosec professionals already know what needs to be done for appropriate security countermeasures. For example, encryption is a cornerstone of securing data at rest, and our latest InformationWeek Strategic Security Survey recommendation list includes better vetting of service providers.

The problem is getting the CEO to agree.

While the EC-Council’s Hacker Halted events see increasing attendance year on year, says Williams, the council is capping attendance for the Global CISO Forum at 200. The goal is to make high-level executives feel free to talk about not just best practices but the struggles they have had without fear of hurting their brands, she says.

You know the EC-Council is getting serious when it talks about “integrating war games into security strategies.” Other topics of discussion planned for the summit include recruiting, training, and managing superior security teams; data loss prevention; and internally branding and integrating a security program while aligning it with business objectives. In fact, the EC-Council says one reason for continued breaches is the conflicts that arise from the differing goals of security and business development teams. The forum intends to address this issue and others not only through panels but also by encouraging an atmosphere of best-practice sharing.

It’s great that the EC-Council and CISOs are on fire about this. But it’s also clear that without approval from the CEO, anything with a price tag that doesn’t have demonstrated business value will go nowhere. That is why CISOs should pay special attention to the part about aligning with business objectives.

What CISOs should really be asking at this forum, says Lieberman, is how their peers develop a real business case to present to the CEO. How do I put together a threat model and evaluate the risk? How do I get the CFO on board before I go to the CEO?

Lieberman illustrates a sample exchange, where the CISO is prepared to say to the CEO, “There is X percent chance someone will steal our company’s intellectual property. I have put together a team to evaluate the risk, and that is its finding. It will cost $20 million if this IP theft occurs. I need a couple more employees and $1 million to buy hardware and software to protect that $20 million worth of IP.”

Better yet, have the CFO on the team that helped put together this analysis, something the EC-Council plans to address. “Because we are inviting mostly C-levels, they will report to a board or another C-level executive,” says Williams. “Part of what we want to share is how to brand a security program internally and sell it to the board, C-level executives, and the whole company. And in the case of governments, sell it to the many layers of government workers.”

Another concern for many security chiefs, says Alan Shimel, managing partner at The CISO Group, is the changing nature of the threat. Many CISOs at work today came into that role during a time when financial fraud and cybercrime were the motives for attacks, says Shimel. “Now we have hacktivists and people who are financially motivated, but instead of looking for personally identifiable information, they’re looking for intellectual property,” he says. “Due to these different motives, hackers use different attack vectors.”

Announced speakers for the event include Eddie Schwartz, CISO for RSA; Joe Albaugh, CISO at the Federal Aviation Administration; Ron Baklarz, CISO at Amtrak; and Richard T. Rushing, CISO for Motorola Mobility.

To read more please click HERE


Hack the Hackers 2012

Hack the Hackers 2012
Sofia, Bulgaria

On June 7th, 2012 New Horizons Bulgaria hold Hack the Hackers 2012 – a free seminar with live hacking demos, organized exclusively to promote EC-Council and CEH in Bulgaria.

The event was led by EC-Council top trainer Sean Hanna, who was in Bulgaria to deliver the third CEH training for New Horizons’ clients.

We managed to get Sofia University – the largest and most prestigious university in Bulgaria – to partner and sponsor the event. They provided us with a 300 seat auditorium, situated in the center of Sofia.

Official media partner of the event was Kaldata.com – the leading Bulgarian site for software, hardware and IT news, with over 1,500,000 unique monthly visitors.

Hack the Hackers was once again greatly supported by EC-Council, which was announced as the exclusive certification partner of the event. Hanan Wagie, Senior Director – EMEA, provided us with free 3 CEHv7 digital courseware and 3 iLabs, and arranged an exclusive interview with EC-Council President Jay Bavisi.

The campaign started on May 4th with the launch of Hack the Hackers website and two days later we got 300 registrations! Not a single euro was spent on advertising – an email invitation to our newsletter subscribers and a press release were just enough to spread the word.

Hack the Hackers event was attended by more than 250 onsite and 60 online participants. Many of them work for high-profile companies from the following sectors: Finance, Telecommunications, Information Technologies, Public Administration, Energy, and Manufacturing.

Sean presented the topic Client Side Hacking – Targeting the User, and demonstrated Cracking wireless WPS with Reaver, Remote Code Execution Buffer Overflow, Social engineering with SET and DNS Spoofing). At the end of the seminar two CEH vouchers were awarded to: Lazar Sestrimski, developer at Haemimont LTD, and Vlado Treneski, CISO at Interakcija.

The event got media coverage by Bulgaria’s most popular TV channel (bTV), and a number of online media (Kaldata, Saga Technology, itForum, Info Week, etc.).

Difficulties: Despite the venue was glorious and in a perfect location, we experienced difficulties with the university administration, such as organizational problems, voice echo and lack of technical support.

Next steps:

1. Promotion of EC-Council Secure Computer User Specialist program, in response to growing interest in security issues among non-IT people.

2. Promotion of EC-Council Certified Hacking Forensic Investigator program to raise awareness about collecting digital evidences.

 

To read more please click HERE


Gurgaon Teaches To Hack Ethically

A number of institute offering ethical hacking courses have come up in the city to meet the rising demand of ethical hackers among companies which are gearing up to protect their information from threats, says Mamta Sharma. Gurgaon being a corporate hub has not been unaffected by cyber criminals having seen an alarming increase […]

To read more please click HERE


EC-Council Achieves ANSI 17024 Accreditation for Its Certified Ethical Hacker (CEHv8) Certification

EC-Council’s Certified Ethical Hacker (CEHv8) certification program receives the American National Standards Institute (ANSI) Personnel Certification Accreditation. To become certified, an organization must undergo stringent quality reviews and assessments. EC-Council is one of the few organizations that specialize in information security (IS) to earn the accreditation.

Albuquerque, NM, March 7, 2012 – Today EC-Council announces that it has been accredited by the American National Standards Institute (ANSI) to meet the ANSI/ISO/IEC 17024 Personnel Certification Accreditation standard for its Certified Ethical Hacker (CEHv8) certification. EC-Council is one of a handful of certification bodies, whose primary specialization is information security, to be awarded this much sought-after quality standard.

“ANSI commends EC-Council for meeting the rigorous requirements of the ISO/IEC 17024 standard and joining the elite group of organizations that have achieved this distinction” said Dr. Vijay Krishna, ANSI senior manager of personnel certification accreditation programs. “This achievement highlights EC-Council’s commitment to offering a high quality certification program. The ANSI accreditation process is designed to increase the integrity, confidence, and mobility of certified professionals and creates value for all the stakeholders including certification holder, employer, public, and regulatory authorities.”

The American National Standards Institute (ANSI) is a private non-profit organization that administers and coordinates the U.S. voluntary standardization and conformity assessment system. It is the sole representative of both the International Organization for Standardization (ISO) and the International Electro-technical Commission (IEC) in the United States. ANSI is the only personnel certification accreditation body in the United States to meet nationally accepted practices for accreditation bodies. The ANSI/ISO/IEC 17024 standard addresses the general requirements for certification entities.

In order to award the accreditation, ANSI conducted a verification process to ensure that EC-Council is impartial and objective as a certification body. It also confirmed that EC-Council’s certification process is conducted in a consistent, comparable, and reliable manner. This process required rigorous quality reviews of EC-Council and the Certified Ethical Hacker (CEHv8) certification program.

Jay Bavisi, Co-Founder and President of EC-Council commented, “Achieving ANSI 17024 reflects not only our commitment to quality but, equally important, our approach to continuously improve as a learning organization to ensure that EC-Council is much more agile, efficient, and strategically fit for the future.”

A Certified Ethical Hacker (C|EH) is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). Since its creation in 2003, the Certified Ethical Hacker has certified over thirty thousand individuals and has become the global de facto leader in certifying IS professionals.

EC-Council has been recognized for its highly popular CISO certification and for its certifications in the field of computer forensic, penetration testing and network security globally.

Bavisi added, “We have worked hard for over 2 years to meet the stringent requirements of ANSI 17024 standard. We have scrutinized and challenged every aspect of EC-Council certification activities and operations. This has resulted in significant improvements to both what we do and how we will do it. This benchmark of excellence will give our customers even more confidence in the quality of our certification”.

Contact:
Marissa Easter- Marketing Communications Specialist (marissa.easter@eccouncil.org)

About EC-Council:
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT). EC-Council has trained over 100,000 security professionals and certified more than 50,000 infosec professionals. Its certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. The global organization is headquartered in Albuquerque, New Mexico, USA. More information about EC-Council is available at www.eccouncil.org.

About ANSI:
The American National Standards Institute (ANSI) is a private non-profit organization whose mission is to enhance U.S. global competitiveness and the American quality of life by promoting, facilitating, and safeguarding the integrity of the voluntary standardization and conformity assessment system. Its membership is comprised of businesses, professional societies and trade associations, standards developers, government agencies, and consumer and labor organizations. The Institute represents the diverse interests of more than 125,000 companies and organizations and 3.5 million professionals worldwide.

The Institute is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (IEC), and is a U.S. representative to the International Accreditation Forum (IAF).


EC-Council Forewarns Organizations About the Dangers of Phishing Attacks as Cybercriminals Move to More Concentrated Hacking Methods

New research shows that cyber criminals are moving away from mass spam attacks and focusing on more targeted hacking techniques. The most common of these methods is phishing. EC-Council has released a comprehensive guide on steps organizations can take to prevent disastrous security breaches.
February 13, 2012, Albuquerque, NM- Recent research shows that cybercriminals have moved from large mass spam attacks to more targeted techniques. One of the most common of these attacks is phishing, an attempt by cybercriminals and identity thieves to obtain sensitive information by masquerading as a legitimate and trustworthy source.

In order to keep organizations’ information secure, it is crucial for Information Assurance leaders to understand the two types of phishing methods: spear phishing and whaling, and the devastating risks they carry. Spear phishing is the most commonly used phishing method. Experts cite the amount of money generated as the reason for the switch to more concentrated attacks.

According to recent research conducted by Cisco, “Spear phishing attacks have proven to be both highly dangerous to victims and immensely valuable to cyber criminals. A vastly customized phishing attack can net 10 times the profit of a mass attack.” Cisco estimates the annual global cost of targeted attacks to organizations is $1.29 billion.

Sameer Shelke, IT Services and Risk Management Leader, says “Tackling phishing attacks can be immensely challenging as phishing emails are usually very convincing and it is hard to distinguish them from genuine emails. Risk management and control mechanisms against such social engineering attacks need to be dynamic in order to keep up with evolving security risks.” Shelke goes on to say, “While upgrading to advanced security solutions is crucial, educating people about phishing is also equally important.”

 

EC-Council recently released a White Paper written by Shelke that explores differences between spear phishing and whaling and offers solutions to combat phishing attacks. To download Shelke’s White Paper “Shield Your Business – Combat Phishing Attacks”, please visit: https://www.eccouncil.org/ciso/resourcesTo be successful at combating these attacks, an organization needs to have strong leadership in place. An effective Chief Information Security Officer (CISO) will lead a high performing information security (IS) program that protects against cyber crime and security breaches. EC-Council created the Global CISO Executive Summit Series to unite the IS leaders across the world in the fight against cyber crime. The CISO Executive Summits provide a platform for continuous learning where the most recent infosec threats and landscape evolution can be discussed.

 

EC-Council is committed to providing Information Assurance Executive Professionals with the latest Information Security news and trends from the industry’s leading experts If this White Paper is of interest, it is encouraged to also look into EC-Council’s Certified Chief Information Security Officer (C|CISO) Certification and EC-Council’s CISO Executive Summit Series. To view the full report from the CISO Executive Summit, please go to this link. If you would like to attend or speak at upcoming CISO Executive Summits and would like to receive more information, please click here.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

 

About EC-Council’s Chief Information Security Officer (C|CISO) Certification:

C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.