EC-Council, Creator of the Certified Ethical Hacker, is Launching First of Its Kind Executive Certification Program, the Certified CISO (CCISO)

Share Article

EC-Council is primarily known for its tremendous success in the Ethical Hacking industry but is making a bold step into the executive arena with their Certified CISO program. The motivation behind this new program is the same as the reasons behind the Certified Ethical Hacker (CEH), their biggest program - there is a gap in the industry.

EC-Council's Certified Chief Information Security Officer Program Launches this week

EC-Council's Certified CISO program is launching around the world with the CCISO Body of Knowledge, the CCISO training program, and an executive-level exam. While the title of Chief Information Security Officer has gained considerable popularity in the last five years, there is still a palpable dearth of both qualified information security executives and companies willing to put security in the C-Suite. This problem is highlighted by Target’s response to their recent security breach. One of the first steps they took to remediate the problems in their security program was to hire a CISO. Many in the industry have posited that if a CISO had been in place sooner, a more cohesive security program would have been developed that would have never allowed the apparent communication gaps that lead to the data breach.

EC-Council hopes that by introducing a certification program that is tied to the title of CISO, the role’s visibility will be enhanced, leading to a change in perspective toward seeing a CISO as a standard part of any company. Another gap the CCISO program addresses deals with the lack of management and communication training the typical CISO receives. While there are other training and certification programs on the market today that address some of the technical aspects of the CISO role, the CCISO is the first to focus on project management, leadership, and strategic program development – skills that are crucial to the success of a CISO and a security program at large. Within the five sections, called Domains, of the CCISO program, there is one section, Domain 4, that deals with technical knowledge, but deep understanding of the technical aspects is assumed – the focus of the program is the implementation of that technical knowledge from an executive perspective.

The CCISO program was developed by CISOs for CISOs. The CCISO exam was written from the perspective of high-level, practicing executives drawing from their daily challenges and career experience. Much of the exam is made up of scenario-based questions. These questions put the candidate right into a situation that a CISO might handled on the job and asks them to apply their knowledge and experience to answer correctly. The CCISO Body of Knowledge was written by a separate group of high-level executives who drew on their deep knowledge to delve deep into each of the five domains. The CCISO class is based on the CCISO Body of Knowledge and is taught by CCISO instructor Todd Fitzgerald, a practicing security executive. Fitzgerald uses his insights to bring the concepts of the program to life, drawing on his own experiences to illustrate abstract concepts or show how the application of a certain framework can impact the effectiveness of a security program.

Members of the CCISO program are already seeing results from attaining the certification. Said one member on a recent survey, “ … [The CCISO] is becoming an industry recognized, executive-level infosec certification and demonstrates a top down commitment to continuing-level education for C-Levels. This is a great way to lead by example and encourage employees to pursue career growth.” Another current CCISO mentioned the potential for the growth of the program, saying “ … I only maintain certifications that I believe I can add value to as they add value to me and I appreciate being a relatively 'young' C|CISO. I believe this certification, along with its perspective and awareness, will age well.”

More information about the CCISO program can be found here:

About EC-Council
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. EC Council is the owner and developer of the world-famous E-Council Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Tester (LPT) programs, and various others offered in over 60 countries around the globe. These certifications are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, and the US Government National Security Agency (NSA) and the Committee on National Security Systems (CNSS) certifying EC-Council’s Certified Ethical Hacking (CEH), Network Security Administrator (ENSA), Computer Hacking Forensics Investigator (CHFI), Disaster Recovery Professional (EDRP), Certified Security Analyst (E|CSA) and Licensed Penetration Tester (LPT) program for meeting the 4011, 4012, 4013A, 4014, 4015 and 4016 training standards for information security professionals and most recently EC-Council has received accreditation from the American National Standards Institute (ANSI).

For more information about EC-Council, please visit

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Amber Williams
Follow >
since: 06/2011
Like >
Visit website