Posts Tagged With ‘security breaches’


EC-Council Warns the industry of Cyber Plague- addresses the urgent need for the implementation of a vaccine

Jay Bavisi, President, EC-Council, addressed leading figures in government, industry, and academia at the US National Security Agency’s CISSE Colloquium 2013, warning academic minds to introduce cyber vaccination programs via secure coding education.

India- June 13th: Jay Bavisi, President, EC-Council, warned thought-leaders from across the world- namely, from the Department of Homeland Security (DHS), the National Security Agency (NSA), and the finest academic minds of the NSA’s centers of academic excellence of the worsening Cyber Plague at the Colloquium for Information Systems Security Education (CISSE Colloquium). The event was hosted by the University of South Alabama in Mobile Bay on June 10, 2013. The CISSE Colloquium was created in 1997 to provide a forum for dialogue among leading figures in government, industry, and academia.

The Colloquium, one of the largest gatherings of academics, government, and industry,  had Bavisi’s keynote address, entitled “The Cyber Security Quagmire: Finding the Panacea”, aimed to elucidate the information security industry’s successes, failures, and future out-of-the-box solutions that can be implemented, using the pharmaceutical industry’s fight against diseases as a model.

As the co-founder and President of one of the largest IT Security certification bodies in the world, EC-Council, and the co-creator of the groundbreaking Certified Ethical Hacker (CEH) certification that launched ethical hacking as a mainstream career, Bavisi lent an interesting and unique perspective to the event.

Bavisi pointed out that while the medical industry has been able to nearly eradicate diseases such as polio and small pox through medical vaccinations, the information security industry hasn’t yet been able to achieve similar success against the scourges of cyberspace because of the lack of implementation of its vaccine equivalent: secure coding.

Throwing more light on this Jay Bavisi said, “We have unknowingly followed on the same path as the pharma industry. We quarantined our networks from attacks via firewalls, intrusion detection systems, and intrusion prevention systems. When this was insufficient, we introduced cyber hygiene by introducing security awareness programs, which introduced policies, processes, and controls.” Bavisi went on to say that the next step should be a cyber-vaccine in order to propel the world’s organizations into a more secure future.

Bavisi continued by linking the results of a recent national level secure coding competition being conducted in India with nearly five thousand participants, Code Uncode, to the continuing plague of insecurity. Findings from the Code Uncode competition decisively prove there is a serious lack of knowledge in secure coding practices that could be a causative source of security breaches around the world.

The Colloquium is active throughout the year and holds an annual conference in June. Conference information is available on the Colloquium website at http://www.cisse.info. The Colloquium board consists of members such as Brenda Oldfield, formerly the Director of the National Cyber Security Division of the U.S. Department of Homeland Security; William Maconachy, PhD and former deputy senior computer science authority at the National Security Agency (NSA); as well as Daniel P Shoemaker, PhD, and Principal Investigator and Senior Research Scientist at UDM’s Center for Cyber Security and Intelligence Studies.

About EC-Council
EC-Council (International Council of E-Commerce Consultants) is one of the world’s largest certification bodies for Information Security professionals. EC-Council is a member-based organization that certifies individuals in various information security and e-business skills. It has been certified by American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs. These programs are offered in over 92 countries and over have trained over 120,000 & certified more than 60,000 security professionals through a training network of over 500 training partners globally.

Individuals who have achieved EC-Council certifications include those from some of the finest organizations around the world such as the US Army, the FBI, Microsoft, IBM and the United Nations.

For more information visit: www.eccouncil.org


EC-Council Forewarns Organizations About the Dangers of Phishing Attacks as Cybercriminals Move to More Concentrated Hacking Methods

New research shows that cyber criminals are moving away from mass spam attacks and focusing on more targeted hacking techniques. The most common of these methods is phishing. EC-Council has released a comprehensive guide on steps organizations can take to prevent disastrous security breaches.
February 13, 2012, Albuquerque, NM- Recent research shows that cybercriminals have moved from large mass spam attacks to more targeted techniques. One of the most common of these attacks is phishing, an attempt by cybercriminals and identity thieves to obtain sensitive information by masquerading as a legitimate and trustworthy source.

In order to keep organizations’ information secure, it is crucial for Information Assurance leaders to understand the two types of phishing methods: spear phishing and whaling, and the devastating risks they carry. Spear phishing is the most commonly used phishing method. Experts cite the amount of money generated as the reason for the switch to more concentrated attacks.

According to recent research conducted by Cisco, “Spear phishing attacks have proven to be both highly dangerous to victims and immensely valuable to cyber criminals. A vastly customized phishing attack can net 10 times the profit of a mass attack.” Cisco estimates the annual global cost of targeted attacks to organizations is $1.29 billion.

Sameer Shelke, IT Services and Risk Management Leader, says “Tackling phishing attacks can be immensely challenging as phishing emails are usually very convincing and it is hard to distinguish them from genuine emails. Risk management and control mechanisms against such social engineering attacks need to be dynamic in order to keep up with evolving security risks.” Shelke goes on to say, “While upgrading to advanced security solutions is crucial, educating people about phishing is also equally important.”

 

EC-Council recently released a White Paper written by Shelke that explores differences between spear phishing and whaling and offers solutions to combat phishing attacks. To download Shelke’s White Paper “Shield Your Business – Combat Phishing Attacks”, please visit: https://www.eccouncil.org/ciso/resourcesTo be successful at combating these attacks, an organization needs to have strong leadership in place. An effective Chief Information Security Officer (CISO) will lead a high performing information security (IS) program that protects against cyber crime and security breaches. EC-Council created the Global CISO Executive Summit Series to unite the IS leaders across the world in the fight against cyber crime. The CISO Executive Summits provide a platform for continuous learning where the most recent infosec threats and landscape evolution can be discussed.

 

EC-Council is committed to providing Information Assurance Executive Professionals with the latest Information Security news and trends from the industry’s leading experts If this White Paper is of interest, it is encouraged to also look into EC-Council’s Certified Chief Information Security Officer (C|CISO) Certification and EC-Council’s CISO Executive Summit Series. To view the full report from the CISO Executive Summit, please go to this link. If you would like to attend or speak at upcoming CISO Executive Summits and would like to receive more information, please click here.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

 

About EC-Council’s Chief Information Security Officer (C|CISO) Certification:

C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


Organizations Engage in Certification Training to Protect Against Cyber Attacks

The recent increase in security breaches has caused many organizations to put a greater emphasis on improving the skills of the information security (IS) workforce. Research shows IS certifications lead to improved job performance and higher returns on investment. EC-Council’s Chief Information Security Officer Certification (C|CISO) equips CISOs with the most effective toolset to lead a high performing information security program and defend the company from cyber attacks.

February 14, 2012, Albuquerque, NM- Recent research by Ponemon Institute has shown that the average cost of cybercrime has increase by 56%. The complex and dynamic nature of the current risk landscape is causing organizations to put a greater focus on training of its workforce. A current study by Global Knowledge cites that managers believe certified information security professionals are 80% more effective at their jobs post certification. Further, studies show that investing in certifications can yield higher return on investment (ROI).

According to a study by IBM, “When business partners are grouped by the number of certified individuals on staff, those with higher levels of certifications exhibit measurably higher revenue per certified individual, and the value of each additional certification improves team performance.” IBM estimates that every $1 invested in learning and certifications averages a return in revenue of $345. In addition to an increase in revenue, certifications improve team performance by 11%.

The need for having a highly skilled information security team has never been greater. Jay Bavisi, President and Co-Founder of EC-Council, stated “The information security industry has changed tremendously in the past few years. This year alone, large corporations and governments around the world have suffered devastating and extremely costly cyber attacks. With the need to fulfill the IS industry’s growing needs for strong leadership, the Chief Information Security Officer Certification (C|CISO) was designed to complement the use of high-end technology with empowered and experienced executives who are ready to direct the information security team in today’s complex environment.”

EC-Council’s Chief Information Security Officer Certification prepares Chief Information Security Officers (CISOs) to defend their organizations from security breaches by actively improving the current information technology security solutions, enforcing regulatory requirements and aligning IS with the strategic needs and goals of their organization. This skill set enables the CISO to be the best guardian of their organization’s digital assets. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso.

According to SC Magazine companies that employ a CISO to lead an effective IS program are 10 times less likely to experience costly security breaches. Today’s risk landscape makes it almost impossible to protect against data loss and theft without the skills of a highly trained IS leader, like a CISO. Certifications provide the CISO with the tools needed to effectively protect the organization from cybercrime. To view additional CISO resources, please click this link.

Contact:

Marissa Easter- Marketing Communications Specialist- marissa.easter@eccouncil.org
About EC-Council’s Chief Information Security Officer (C|CISO) Certification:
C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


Research Proves Best Performing Companies Employ a CISO with a High-Performing Security Program

Research done by SC Magazine proves that organizations that have a Chief Information Security Officer (CISO) have higher profit margins, generate more revenue, and display increased productivity.

January 31, 2012, Albuquerque, NM- EC-Council has released a new white paper that gives comprehensive strategies to CISOs on leading a high-performing information security (IS) program. According to research done by SC Magazine, companies that have an active CISO role and high-performing security program generate more revenue, spend less money, are more productive, and have reduced risks. However, the complexities and challenges of the organization’s infrastructure create daily traps that distract IS teams from carrying out tactical and strategic functions.

An effective CISO and well-run information security program can save a company almost 10% of total revenue. SC Magazine’s “Want to Reduce IT Risk and Save Money? Hire a CISO” article cites that this saving in gross revenue is accredited to a decreased risk of data loss and theft. Further, the article cites that the most successful companies that employ a CISO to lead an effective IS program are 10 times less likely to experience costly security breaches.

 

Chief Information Security Officer Summit Todd Bell, Executive IT Security Advisor at ConnectTech, LLC., says “Today’s threat landscape requires CISOs to develop and implement a high-performing information security (IS) program. One of the biggest challenges is not letting the torrent of corporate issues interfere with the overall effectiveness of the IT security team.” Bell, a speaker at EC-Council’s CISO Executive Summit in December 2011, was inspired by his panel role in the “Implementing a High-Performing Information Security Program” discussion and developed a how-to-guide for CISOs on leading a high-performing IS program. To view the White Paper, please go to: http://goo.gl/pxmY5 “Simply put, CISOs contribute to better business results by ensuring security measures are fully implemented, standardizing and automating procedures, and by taking a strategic role with the organization to make information security a part of a business process.” Affirms Jim Hurley, managing director of Symantec’s IT Policy Compliance Group.

 

EC-Council is committed to providing Information Assurance Executive Professionals with the latest Information Security news and trends from the industry’s leading experts. Readers of this White Paper are also encouraged to look into EC-Council’s Certified Chief Information Security Officer (C|CISO) Certification and EC-Council’s CISO Executive Summit Series. To view the full report complete with key takeaways from the CISO Executive Summit or to attend or speak at upcoming CISO Executive Summits, please click here. If you would like to receive more information about EC-Council’s Chief Information Security Officer Certification program, please click here.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

About EC-Council’s Chief Information Security Officer (C|CISO) Certification:

C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


World’s Most Comprehensive Computer Forensics Certification – Computer Hacking Forensics Investigator (C|HFI) Version 8 is Available Now

EC-Council releases the brand new Version 8 of the Computer Hacking Forensics Investigator (C|HFI) Certification Program. C|HFI is designed to equip security professionals with the necessary skills to identify an intruder’s footprints and to properly gather the required evidence to prosecute in the court of law.

January 24, 2012, Albuquerque, New Mexico – EC-Council announces the availability of the all-new Version 8 of the Computer Hacking Forensics Investigator (C|HFI) program. The program will be available on February 27th, 2012 exclusively in 20 training centers across 15 countries.

A report by Symantec confirms that “Cybercrime has surpassed illegal trafficking as the leading criminal money maker.” With lucrative returns, low risk and difficulty of providing admissible evidence in courts of law, computer and networks become the fastest growing technology tools favored by criminals. With the cost of security breaches almost tripling every two years, organizations need to designate well-trained security professionals to perform digital discovery, evidence acquisition and analysis in an acceptable manner to ensure that they trace, reduce or eliminate key security risks that face their organizations.

EC-Council C|HFIv8 program prepares designated security professionals to track, investigate and apprehend cyber criminals from the inside and outside of the organization.

CHFIv8 presents a detailed methodological approach towards computer forensics and evidence analysis. It is a comprehensive course covering important forensic investigation scenarios that enables students to acquire hands-on experience on various forensic investigation techniques and standard forensic tools. This skillset is necessary to successfully carryout a thorough computer forensic analysis leading to prosecution of perpetrators.

Among the salient features of the C|HFIv8 are:

Jay Bavisi, President of EC-Council said, “According to PwC’s information security Breaches Survey 2010, nearly half of the large organizations admit that they have experienced insider threats (misuse of web and email access, misuse of confidential information, and unauthorized access to systems or data). Organizations today face a very challenging threat in the form of insider abuse that must be addressed to ensure the safety of their organizations’ digital assets.”

A C|HFI v8 professional will be able to understand:

How to track e-mails and investigate e-mail crimes.

EC-Council has certified professionals from Fortune 500 companies as well as various IT giants, conglomerates and government agencies around the world. The corporations and agencies include: US Department of Defence, FBI, CIA, Microsoft, Symantec, Deloitte, and IBM.
For more information, please contact the nearest authorized training center or http://eccouncil.org/chfi/index.html.

Contact:

Kanesan Visvanathan- Products and Operations Executive- kanesan@eccouncil.org

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) certification and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


Global Increase in Outsourcing Leaves Companies Open to Information Security Breaches

Companies must find ways to manage the benefits and risks of outsourcing as almost two-thirds of Information Technology (IT) infrastructure is predicted to be outsourced within the next 8 years. EC-Council CISO Summit panel discussion suggests that increased information security compliance plans, continuous education, and knowledge sharing may prove to be the best solution.

January 23, 2012, Albuquerque, NM- Global economic troubles have motivated many companies to seek alternative means of conducting business that will cut costs and maximize profits. One of the most popular and effective methods is outsourcing Information Security (IS) infrastructure. According to a recent study commissioned by Savvis, Inc. this number is predicted to increase from 17% to over 64% globally by 2020. Security outsourcing has its benefits; however, it also comes with an array of risks.

Jeff Tutton, President of Global Security and Compliance at Intersec Worldwide, recently lead an interactive panel discussion centered on outsourcing and information security management at EC-Council’s Inaugural CISO (Chief Information Security Officer) Executive Summit in Las Vegas held from Dec 5-6th. Jeff Tutton was joined by Todd Bell, Executive IT Security Advisor, ConnectTech, LCC, Inno Eroraha, Founder & CEO, NetSecurity Corporation, Chris Oglesby, Senior VP, Knowledge Consulting Group, and Edward Ray, CISO, MMICMAN, LLC. The panel discussion addressed the challenges of managing risk and monitoring the outsourcing company’s performance, while complying with recent industry changes such as SAS70 and PCI compliance. To view an interactive video of the panel discussion, please visit: http://goo.gl/SwxEj

“The challenges of outsourcing are similar to those you may have with the acquisition (insourcing) process. When acquiring a new company you need to ensure that due diligence has been completed prior to acquisition and integration, as you now will be responsible for the security of that company’s data. This is the same with outsourcing,” said Tutton. “Hire a trusted and qualified third party to complete a thorough evaluation of the outsourcing company. But don’t just stop there, put in place methods and controls to monitor and maintain the security of this data during the entire lifecycle. Trust but verify, and assign responsibility to a qualified person within your organization to manage and maintain oversight of security. Another option is to outsource only the data and systems that you want to end up in the public domain.”

Tutton’s panel discussion presented a detailed overview of the benefits and challenges of outsourcing in respect to Information Security (IS). Globally, over 60% of organizations cite that managing the IT infrastructure domestically does not have any competitive advantages and are planning to move operations offshore. However, many offshore companies do not have the same legal restrictions as the United States. For instance, India, one of the biggest destinations for offshore outsourcing, does not have any data privacy laws. This lax in law enforcement leaves confidential information vulnerable to security breaches.

Last year, Epsilon, a cloud-based email service provider, suffered a security breach that landed up affecting around 75 clients and compromised over 60 million personal names and email addresses. Security breaches such as this can be extremely costly and detrimental to a company’s reputation.

“If an organization is looking to do a large infrastructure outsourcing engagement, the best way to ensure that security is a priority is to build a comprehensive list of security requirements into outsourcing contracts, develop appropriate service level agreements and reporting mechanisms to evaluate security and budget for a review by an independent assessment organization – this will ensure that security always stays top of mind,” said panel speaker Chris Oglesby. “If, however, the decision is to outsource infrastructure and security separately then the security operations should drive the direction and outcomes and create independence between the organizations to meet the client needs.”

In the future, companies need to employ executive IS leaders who will develop methods to adequately protect their IT infrastructure when outsourcing in-house responsibilities. Platforms, such as EC-Council’s CISO Summit Series, provide a means for top-level IS executives to gather and discuss the latest industry challenges. Continuous education and knowledge sharing will provide solutions to the quandaries top-executives face on a daily basis. For more information on upcoming EC-Council CISO Executive Summits, please visit: http://www.eccouncil.org/cisosummit.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

About EC-Council CISO Executive Summit Series:

EC-Council CISO Executive Summit Series strives to unite the top Information Security (IS) leaders across the world in the fight against cyber crime and IS threats, while providing a platform for continuous learning where the most recent Information Security threats and landscape evolution can be discussed and debated.‬ Designed by EC-Council, the 1st in the CISO Executive Summit Series made its debut in Las Vegas, NV in December 2011. Due to the nature of the discussions, all CISO Summits are closed-door events open only to senior information security executives (C-levels, VPs, Senior Directors, etc.). http://www.eccouncil.org/cisosummit

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.

http://www.eccouncil.org/ciso/


As The Threat of Security Breaches Escalates to All Time Highs Across International Borders, EC-Council Announces Its 1st Series of Global CISO Executive Summits

Today’s cyber threats are not limited to a specific industry or country, but are infiltrating industries across the world on a grand scale. Leaders of information security must come together and set a course to discover ways to overcome these challenges.

November 30, 2011 Albuquerque, NM- EC-Council has announced a new Global CISO Executive Summit Series. The CISO Executive Summit 2011 is 1st of the series and will be held from December 5-6, 2011 at The M Resort in Las Vegas, NV. The mission of the CISO Executive Summit is to unite the top information security leaders across the world in the fight against cyber crime and information security threats.

Jay Bavisi, President of EC-Council, states the reason behind the Global CISO Executive Summit Series is that, “Knowledge transfer and exchange has always been a challenge for organizations. Our intent for this exclusive and high-level event is distinctly clear- it is to create a platform to facilitate effective knowledge exchange, where the information security threats and landscape evolution are being discussed and debated.”

The need for a platform designed specifically for top information security executives to gather and share information has never been more needed as industry professionals have called 2011 the “Year of Security Breaches.” According to Shawn Davis, FBI Executive Assistant Director, a company that recently became a victim of a security breach lost over $1 billion and 10 years worth of research and development virtually overnight. The surge in security breaches has heightened awareness across industries and lead to increased involvement of information security executive management. EC-Council’s Global CISO Executive Summit Series will connect top industry professionals across the world and create an arena for knowledge sharing and discussion.

EC-Council has designed the CISO Executive Summit 2011 as a panel-based event to encourage dialogue of the industry’s most recent topics, trends, and best practices. The event will feature over 40 prominent speakers from the private, public, and government sectors. To view a complete list of speakers, please visit http://www.eccouncil.org/cisosummit. Due to the nature of the discussions that will take place; this will be a closed-door event open only to senior information security executives (C-levels, VPs, Senior Directors, etc.).
The CISO Executive Summit will provide a platform for:

Knowledge Sharing: Sharing best practices and knowledge to overcome the challenges that the industry presents today so that leaders are prepared to defend tomorrow.

Networking: Networking with the industry’s leading security professionals and developing the support that will help design, develop and manage the most effective information security strategy for organizations.

Shaping the Future: Sharing knowledge and experience with colleagues to develop a global Summit format with a focus on international information security concerns.

The EC-Council CISO Executive Summit will be a forum to explore IT Security, privacy and risk and compliance issues such as:

For more information or to register, visit http://www.eccouncil.org/cisosummit.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa. easter@eccouncil.org)

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and information security skills. It is the owner and creator of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), as well as many other programs that are offered in over 60 countries through a global training network of more than 450 training partners. For more information, visit http://www.eccouncil.org

Summit will be a forum to exploreIT security, privacy