Over the years there has been a lot of ink spilled, keys clicked and blood shed over the morass of information security-related professional certifications that have popped up across the landscape like proverbial weeds in the garden.
Like the story of Goldilocks and the porridge – “This one’s too technical”, “that one’s not technical enough” – “ah, this one’s just right”. And some would argue that holders of certain “gold-standard” certifications are not necessarily security-savvy. The rhetoric goes on and on and on.
From my perspective, certifications are analogous to a college degree. There are incredibly smart and capable people that do and do not have degrees. There are no guarantees when it comes to a person’s knowledge, experience, and capabilities.
However, if one does have a college degree it reflects that some commitment had been made by the individual to study and earn the degree. And depending on the quality of the school and program, one would expect there has been some standard of study attained as part of their chosen course of study.
Likewise, pursuing professional certifications reflects one’s commitment to earning the certification, adhering to some standard or body of knowledge that is the foundation for the certification, and typically maintaining the certification by renewal/retesting or continuing education requirements.
This leads me to EC Council’s new C|CISO – Certified Chief Information Security Officer certification. I have been following EC Council’s C|EH – Certified Ethical Hacker certification since its inception. Read more…
Cyber attacks across the world are increasing in both frequency and intensity, says information security expert EC-Council. Such attacks are able to cripple organisations in a single blow, a consequence that cannot be ignored by any business strategy due to the lack of protection afforded by current legal frameworks.
From the hacking of companies such as Google and Sony to the FBI’s recent investigations of leaked photos of celebrities, the Information Age of the 21st century has progressed relentlessly, with security concerns constantly trying to catch up. This is why EC-Council has introduced its CISO Certification, a first-of-its-kind certification that recognises an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organisational goals, says Jay Bavisi, the President of EC-Council.
According to Symantec, cybercrime costs global businesses, governments, and others an estimated $114 billion every year. Strong technical knowledge and network security experience is now more important then ever, but this knowledge must be accompanied by the ability to effectively communicate these security issues in a corporate setting.
There was thus a need for certification as a designation of executive leaders who could address the emerging threats to information security by developing and maintaining a tough information security strategy. EC-Council has done so, introducing the CISO Certification programme for chief information security officers.
“CISO is a unique designation that has been designed in cooperation with industry leaders to identify a solid blend of functional and executive IT job roles and skill requirements”, says Bavisi.
This recognition is necessary in an era where even legal frameworks struggle to regulate and restrict the spread of information online. Such security is particularly crucial in industries such as banking and finance, where any minor error would result in massive monetary losses.
Even efforts to develop authentication for financial transactions have the added risk of gathering and storing even more personal information, said Marc Rotenberg, president of the Electronic Privacy Information Center.
“In our view, none of the current legal frameworks provide adequate safeguards for consumers, bank customers, depositors, and others who provide personal information to obtain financial services”, Rotenberg says.
In the absence of legal protection for information security, companies can rely on CISO certifications when hiring potential chief information security officers, or simply use it as a training course to enhance the skill of current employers.
Justyna La Pay – Associate Marketing Director (justyna.lapay(at)eccouncil(dot)org)
The International Council of E-Commerce Consultants (EC-Council) is a member-based organisation that certifies individuals in various e-business and information security skills. It is the owner and creator of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), and as well as many other programs that are offered in over 60 countries through a global training network of more than 450 training partners. For more information on CISO certification, visit http://www.eccouncil.org/ciso
Jalandhar: Hacking has often used to refer to more nefarious criminal uses such as identity theft, credit card fraud or other actions categorized as computer crime so much so that Ethical Hacking has been a very negative sphere. After the Twin tower blast where computer hacking was majorly used to obtain the vital government information that Ethical Hacking’s role, it played in safeguarding was understood. Now the organizations and companies also employ ethical hackers so as to quantitatively assess and measure threats to information assets and discover where the organization is most vulnerable.
Lovely Professional University (LPU), a name strongly associated with quality and innovation, in order to educate the students on the benefits and importance of Ethical Hacking has recently signed a MOU with EC-Council. EC-Council is a professional body established in USA, which certifies individuals in various e-business and security skills. They are the owner and developer of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI) and EC-Council Certified Security Specialist (ECSS) and many other fundamental programs in the realm of Wireless Networks and Security. This initiative has made LPU the first University in India to take such a step.