Posts Tagged With ‘Certified Chief Information Security Officer (C|CISO)’


EC-Council Forewarns Organizations About the Dangers of Phishing Attacks as Cybercriminals Move to More Concentrated Hacking Methods

New research shows that cyber criminals are moving away from mass spam attacks and focusing on more targeted hacking techniques. The most common of these methods is phishing. EC-Council has released a comprehensive guide on steps organizations can take to prevent disastrous security breaches.
February 13, 2012, Albuquerque, NM- Recent research shows that cybercriminals have moved from large mass spam attacks to more targeted techniques. One of the most common of these attacks is phishing, an attempt by cybercriminals and identity thieves to obtain sensitive information by masquerading as a legitimate and trustworthy source.

In order to keep organizations’ information secure, it is crucial for Information Assurance leaders to understand the two types of phishing methods: spear phishing and whaling, and the devastating risks they carry. Spear phishing is the most commonly used phishing method. Experts cite the amount of money generated as the reason for the switch to more concentrated attacks.

According to recent research conducted by Cisco, “Spear phishing attacks have proven to be both highly dangerous to victims and immensely valuable to cyber criminals. A vastly customized phishing attack can net 10 times the profit of a mass attack.” Cisco estimates the annual global cost of targeted attacks to organizations is $1.29 billion.

Sameer Shelke, IT Services and Risk Management Leader, says “Tackling phishing attacks can be immensely challenging as phishing emails are usually very convincing and it is hard to distinguish them from genuine emails. Risk management and control mechanisms against such social engineering attacks need to be dynamic in order to keep up with evolving security risks.” Shelke goes on to say, “While upgrading to advanced security solutions is crucial, educating people about phishing is also equally important.”

 

EC-Council recently released a White Paper written by Shelke that explores differences between spear phishing and whaling and offers solutions to combat phishing attacks. To download Shelke’s White Paper “Shield Your Business – Combat Phishing Attacks”, please visit: https://www.eccouncil.org/ciso/resourcesTo be successful at combating these attacks, an organization needs to have strong leadership in place. An effective Chief Information Security Officer (CISO) will lead a high performing information security (IS) program that protects against cyber crime and security breaches. EC-Council created the Global CISO Executive Summit Series to unite the IS leaders across the world in the fight against cyber crime. The CISO Executive Summits provide a platform for continuous learning where the most recent infosec threats and landscape evolution can be discussed.

 

EC-Council is committed to providing Information Assurance Executive Professionals with the latest Information Security news and trends from the industry’s leading experts If this White Paper is of interest, it is encouraged to also look into EC-Council’s Certified Chief Information Security Officer (C|CISO) Certification and EC-Council’s CISO Executive Summit Series. To view the full report from the CISO Executive Summit, please go to this link. If you would like to attend or speak at upcoming CISO Executive Summits and would like to receive more information, please click here.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

 

About EC-Council’s Chief Information Security Officer (C|CISO) Certification:

C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


Organizations Engage in Certification Training to Protect Against Cyber Attacks

The recent increase in security breaches has caused many organizations to put a greater emphasis on improving the skills of the information security (IS) workforce. Research shows IS certifications lead to improved job performance and higher returns on investment. EC-Council’s Chief Information Security Officer Certification (C|CISO) equips CISOs with the most effective toolset to lead a high performing information security program and defend the company from cyber attacks.

February 14, 2012, Albuquerque, NM- Recent research by Ponemon Institute has shown that the average cost of cybercrime has increase by 56%. The complex and dynamic nature of the current risk landscape is causing organizations to put a greater focus on training of its workforce. A current study by Global Knowledge cites that managers believe certified information security professionals are 80% more effective at their jobs post certification. Further, studies show that investing in certifications can yield higher return on investment (ROI).

According to a study by IBM, “When business partners are grouped by the number of certified individuals on staff, those with higher levels of certifications exhibit measurably higher revenue per certified individual, and the value of each additional certification improves team performance.” IBM estimates that every $1 invested in learning and certifications averages a return in revenue of $345. In addition to an increase in revenue, certifications improve team performance by 11%.

The need for having a highly skilled information security team has never been greater. Jay Bavisi, President and Co-Founder of EC-Council, stated “The information security industry has changed tremendously in the past few years. This year alone, large corporations and governments around the world have suffered devastating and extremely costly cyber attacks. With the need to fulfill the IS industry’s growing needs for strong leadership, the Chief Information Security Officer Certification (C|CISO) was designed to complement the use of high-end technology with empowered and experienced executives who are ready to direct the information security team in today’s complex environment.”

EC-Council’s Chief Information Security Officer Certification prepares Chief Information Security Officers (CISOs) to defend their organizations from security breaches by actively improving the current information technology security solutions, enforcing regulatory requirements and aligning IS with the strategic needs and goals of their organization. This skill set enables the CISO to be the best guardian of their organization’s digital assets. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso.

According to SC Magazine companies that employ a CISO to lead an effective IS program are 10 times less likely to experience costly security breaches. Today’s risk landscape makes it almost impossible to protect against data loss and theft without the skills of a highly trained IS leader, like a CISO. Certifications provide the CISO with the tools needed to effectively protect the organization from cybercrime. To view additional CISO resources, please click this link.

Contact:

Marissa Easter- Marketing Communications Specialist- marissa.easter@eccouncil.org
About EC-Council’s Chief Information Security Officer (C|CISO) Certification:
C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


Research Proves Best Performing Companies Employ a CISO with a High-Performing Security Program

Research done by SC Magazine proves that organizations that have a Chief Information Security Officer (CISO) have higher profit margins, generate more revenue, and display increased productivity.

January 31, 2012, Albuquerque, NM- EC-Council has released a new white paper that gives comprehensive strategies to CISOs on leading a high-performing information security (IS) program. According to research done by SC Magazine, companies that have an active CISO role and high-performing security program generate more revenue, spend less money, are more productive, and have reduced risks. However, the complexities and challenges of the organization’s infrastructure create daily traps that distract IS teams from carrying out tactical and strategic functions.

An effective CISO and well-run information security program can save a company almost 10% of total revenue. SC Magazine’s “Want to Reduce IT Risk and Save Money? Hire a CISO” article cites that this saving in gross revenue is accredited to a decreased risk of data loss and theft. Further, the article cites that the most successful companies that employ a CISO to lead an effective IS program are 10 times less likely to experience costly security breaches.

 

Chief Information Security Officer Summit Todd Bell, Executive IT Security Advisor at ConnectTech, LLC., says “Today’s threat landscape requires CISOs to develop and implement a high-performing information security (IS) program. One of the biggest challenges is not letting the torrent of corporate issues interfere with the overall effectiveness of the IT security team.” Bell, a speaker at EC-Council’s CISO Executive Summit in December 2011, was inspired by his panel role in the “Implementing a High-Performing Information Security Program” discussion and developed a how-to-guide for CISOs on leading a high-performing IS program. To view the White Paper, please go to: http://goo.gl/pxmY5 “Simply put, CISOs contribute to better business results by ensuring security measures are fully implemented, standardizing and automating procedures, and by taking a strategic role with the organization to make information security a part of a business process.” Affirms Jim Hurley, managing director of Symantec’s IT Policy Compliance Group.

 

EC-Council is committed to providing Information Assurance Executive Professionals with the latest Information Security news and trends from the industry’s leading experts. Readers of this White Paper are also encouraged to look into EC-Council’s Certified Chief Information Security Officer (C|CISO) Certification and EC-Council’s CISO Executive Summit Series. To view the full report complete with key takeaways from the CISO Executive Summit or to attend or speak at upcoming CISO Executive Summits, please click here. If you would like to receive more information about EC-Council’s Chief Information Security Officer Certification program, please click here.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

About EC-Council’s Chief Information Security Officer (C|CISO) Certification:

C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


Changes in Economic Climate and Business Landscape Call for a New Strategic Business Development Process – Wargaming

Fewer resources and smaller budgets are motivating Chief Information Security Officers (CISOs) to transition from an operational executive into a strategic business partner. To excel in today’s evolving and complex business landscape, CISOs must look for a new strategic business development process, such as Business Wargaming. Wargaming will help provide a holistic view of prospective scenarios, create a proactive development plan and an improved reactive strategy.

January 27, 2012, Albuquerque, NM- Today EC-Council releases a new White Paper that introduces an alternative method to conventional CISO practices. As the business landscape becomes more complex and adjusts to stricter policies, increased competition, budgets cuts and limited resources those in the Chief Information Security Officer (CISO) position must develop a strategy that will accommodate and meet the needs of the organization. Business wargaming will help the CISO develop a plan where they can foresee future challenges, predict the moves of their competitors and stay ahead of prospective obstacles.

Nitin Kumar, global executive and managing consultant, published a White Paper “Wargaming for CISOs” in EC-Council’s CISO Series of White Papers, he stresses, “To excel in this new business landscape, CISOs need to look at a new strategy development process which will help making decisions realistic at a minimal risk and achieve full strategic and operational alignment.” To read the white paper, please visit: http://goo.gl/XQPFa

In this White Paper, Nitin Kumar reviews the shortcomings of the conventional CISO strategy and guides the reader through the development of the wargaming strategy by examining wargame types, levels and execution. He suggests ideal circumstances for wargaming and highlights benefits of using this strategy. The White Paper includes tactics that will help the CISO manage the challenges and high demands that come with the role.

Business wargaming adapts the art of simulating moves and counter-moves in a commercial setting. Business war games are a relatively recent development, but they are growing rapidly, and the time has come for CISO organizations to adopt this technique in order to stay ahead of the game.

The CISO position has been around for less than a decade. In that time it has evolved dramatically. Neira Jones, head of payment security for Barclaycard, said in the article “How the Role of the CISO Must Evolve to Balance Risk and Business”, due to the changing business landscape, “The CISO needs to evolve from an isolated subject matter expert and analyst to a trusted advisor on how technology can improve business; to an integrated business thinker, facilitator, leader, evangelist and educator.”

Business Wargaming will help executives develop plans that meet their strategic goals, create competitive advantage, and elevate the pressure felt by the complex and ever-changing nature of today’s business landscape.
EC-Council is committed to providing Information Assurance Executive Professionals with the latest Information Security news and trends from the industry’s leading experts. If this White Paper is of interest, it is encouraged to also look into EC-Council’s Certified Chief Information Security Officer (C|CISO) Certification and EC-Council’s CISO Executive Summit Series.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

About EC-Council’s Chief Information Security Officer (C|CISO) Certification:

C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester certification and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


EC-Council’s CISO Executive Summit 2011 Features a Unique Format that Encourages Knowledge Sharing Among the Diverse Range of Participants

The CISO Executive Summit included over 40 prominent speakers from across industries in the government, private and public sectors who were surprised and pleased by the interactive format of the event.

December 14, 2011 Albuquerque, NM- EC-Council hosted the 1st in its Global CISO (Chief Information Security Officer) Executive Summit Series in Las Vegas, NV December 5-6th at the M Resort.

The CISO Executive Summit 2011 was the first of its kind to be fully comprised of panel-based discussions. Panel chairs and speakers consisted of the world’s most successful thought leaders in the Information Security (IS) industry, including executive representation from top corporations and agencies such as IBM, Motorola, Transunion, Abu Dhabi Securities Exchange (ADX), Sallie Mae, Blue Cross Blue Shield, Deloitte & Touche, SecureNet Payment Systems, U.S. Department of Treasury, U.S. Army Reserve and Department of Defense.

The mission of the CISO Executive Summit was to unite the top information security leaders across the world in the fight against cyber crime and information security threats. Today’s rapidly evolving threat landscape is posing new risks to security professionals and the organizations they protect. The panel discussions were centered on the topics most relevant to high-level Information Security leaders including managing insider threats, cloud compliancy, and structuring and managing an infosec workforce. Some of the questions addressed were:

The CISO Executive Summit 2011 successfully accomplished its mission by providing a unique platform of 13 interactive panel discussions. This setup provoked in depth and intimate discussions about issues that are of global concern to high-level Information Security leaders. Panel speakers from the private, public, and government sectors brought an element of diversity and variety to the discussions. To view the full list of speakers, panel discussion topics and abstracts, please visit: http://www.eccouncil.org/cisosummit.

Jay Bavisi, President and Co-Founder of EC-Council, stated “The success of the CISO Summit is evident from the fact that so many senior executives from a vast array of organizations travelled to the EC-Council CISO Summit in the first week of December in Las Vegas. The intense industry representation and their engagement in active dialogue over today’s most pressing issues was beneficial to the industry. It was wonderful to witness the commitment shown by these individuals in seeking continuous learning and sharing.”

Tony Meholic, Chief Information Security Officer at Republic Bank, added, “The extensive knowledge and experience the speakers and audience displayed in the Information Security space was superb. I found the format to be informative and very lively. The opportunity to network with peers from various industries, government and academia was also very welcomed. These connections will provide valuable resources for discussions, questions and recommendations on current and future topics.”

 

 

“It was great to be a part of the 1st series of Global CISO Summit. I enjoyed the great panel discussions, fellowship and networking. I look forward to attending and speaking at future summits.” Said Jeffrey Vinson, CISO at SecureNet LLC., of the networking and knowledge sharing opportunities presented at the CISO Executive Summit.

EC-Council will host the 2nd in the Global CISO Executive Summit Series in May 2012, the location is to be determined. A Global CISO Summit is to proceed on October 25, 2012 in Miami, FL. For upcoming EC-Council CISO Executives Summits, please go to: http://www.eccouncil.org/cisosummit.

Contact:
Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

About EC-Council:
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and information security skills. It is the owner and creator of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Chief Information Security Officer (C|CISO) as well as many other programs that are offered in over 80 countries through a global training network of more than 450 training partners. For more information on CISO certification, visit http://www.eccouncil.org/ciso.