MasterClass Executive Management Program

MasterClass Logo Executive Management Program Don’t just take a class. Join a Program.

MasterClass Executive Management Program

CISO is the highest paid job title in cybersecurity. Here at EC-Council MasterClass, we’ve developed the most robust and cost-effective training program to help you gain the credentials you need to learn the skills you need to lead as an executive in cyber-security.

Our Executive Management Program combines the industry leading CCISO program with deep dives into risk and project management via our Risk Management Approach and Practice and Certified Project Manager classes. When you combine the unparalleled in-person training you’ll receive in our CCISO class with the ability to study risk and project management in depth on your own time via our on-demand video training, you get a wholistic view of the role of a CISO and how to align your security expertise with the goals of a company.

In addition to the executive management training, our Program includes an annual standing invitation to the Global CISO Forum, EC-Council’s executive conference, to boost your network; a free OhPhish license that enables you to run a phishing simulation to test your company’s user awareness; and a 100-user license of EC-Council’s Certified Secure Computer User class to train any of your users who need it!

The MasterClass Package Includes:


Certified Chief Information
Security Officer (CCISO):

  • EC-Council Certified CISO (CCISO) Live Course - $3,499
    • CCISO Printed Courseware (US courses Only)
    • CCISO Certification Exam
    • Exam Insurance Program - $500
  • CCISO Online Self-Paced Streaming Video Course (1 year access) - $2499

AND

Risk Management Approach & Practices

  • Risk Management Approach and Practices Deep Dive Online Self-Paced Streaming Video Course - $799
  • RM E-Courseware

AND

Certified Project Manager

  • Certified Project Manager (CPM) Online Self-Paced Streaming Video Course
  • CPM E-Courseware
  • CPM Exam Voucher - $1899

AND

  • Automatic invitation and free pass to Global CISO Forum, EC-Council’s annual executive invite-only event - $399
  • Cybersecurity *Meet Up Networking Event (Priceless)

*Meet-ups are subject to availability, space, instructor schedules, and local interest.

  • 20% off Voucher for next course
  • Certified Secure Computer User (CSCU) License up to 100 users*

*You have 1 year from the date of training to request Certified Secure Computer User (CSCU) License.

  • Oh Phish license [One free OhPhish License capable of launching one email phishing simulation campaign for up to 2,000 users and is valid for 3 months after activation. ]

Total Value: $9,495

Package Rate: $3,499


Ready to get started?

Select the location you are interested in to see upcoming training dates.

Why MasterClass?

The Most Robust Executive Preparation

To be a great security executive, you need the knowledge, the network, and the tools to train the end users at your organization not to be the weak link in your defenses.

Knowledge

The Executive Management MasterClass Program includes three courses and the top cyber-security certification on the market.

Students will attend the live EC-Council Certified CISO course with project management and risk management deep dive add-ons to help round out your executive education. There is a trend in the industry for a CISO to have an MBA in order to show expertise and engagement with the business world. If you don’t have the time or money to invest in a new master’s degree, consider our executive management program as an alternative. We make sure to emphasize the importance of aligning security to the business and teach you the business skills you’ll need, but through a cyber-security lens.

Network

In addition to the executive management training, our Program includes an annual standing invitation to the Global CISO Forum (GCF), EC-Council’s executive conference, to boost your network. The GCF combines high-level talks from the most exciting CISOs in the industry, panel discussions that involve the audience, hands-on exercises to help you put your know-how to work, and networking sessions with hundreds of CISOs from around the world. Additionally, your live class includes a mid-week networking session with local cybersecurity professionals and special guest speakers to bring in new points of view to your week of learning!

End-User Training

The Executive Management MasterClass Program includes a free OhPhish license that enables you to run a phishing simulation to test your company’s user awareness. Tailor your campaign to match your industry, company, and more to find out where your weak links are. You also receive a 100-user license of EC-Council’s Certified Secure Computer User class to train any of your users who need it! Our program allows you to return to work after your week of training armed with the information you need to keep your company as secure as possible!

Exam Insurance Program

Here at Masterclass we know that test taking can be very stressful, so we have developed a program to put your mind at ease.

While no one can guarantee that you will pass the exam, we can offer you Exam Insurance: If you fail either certification exam included in this program on the first attempt, EC-Council will pay for the next attempt. Any further attempts can be purchased at the reduced “retake” rate.

About Certified Chief Information Security Officer (CCISO)

About CCISO

EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.

The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

In order to sit for the CCISO exam and earn the certification, candidates must meet the basic CCISO requirements. Candidates who do not yet meet the CCISO requirements but are interested in information security management can pursue the EC-Council Information Security Management (EISM) certification.

Why CCISO?

The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. Bringing together all the components required for C-Level positions, the CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program. The job of the CISO is far too important to be learned by trial and error. Executive-level management skills are not areas that should be learned on the job.

Material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work. The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many sitting and aspiring CISOs have. This can be a crucial gap as the practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on the job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.

CCISO Domains

Domain 1: Governance and Risk Management

Domain 1: Governance and Risk Management

1. Define, Implement, Manage, and Maintain an Information Security Governance Program

  • 1.1. Form of Business Organization
  • 1.2. Industry
  • 1.3. Organizational Maturity

2. Information Security Drivers

3. Establishing an information security management structure

  • 3.1. Organizational Structure
  • 3.2. Where does the CISO fit within the organizational structure
  • 3.3. The Executive CISO
  • 3.4. Nonexecutive CISO

4. Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures

5. Managing an enterprise information security compliance program

  • 5.1. Security Policy
  • 5.1.1. Necessity of a Security Policy
  • 5.1.2. Security Policy Challenges
  • 5.2. Policy Content
  • 5.2.1. Types of Policies
  • 5.2.2. Policy Implementation
  • 5.3. Reporting Structure
  • 5.4. Standards and best practices
  • 5.5. Leadership and Ethics
  • 5.6. EC-Council Code of Ethics

6. Introduction to Risk Management

  • 3.1. Organizational Structure
  • 3.2. Where does the CISO fit within the organizational structure
  • 3.3. The Executive CISO
  • 3.4. Nonexecutive CISO

Domain 2: Information Security Controls, Compliance, and Audit Management

Domain 2: Information Security Controls, Compliance, and Audit Management

1. Information Security Controls

  • 1.1. Identifying the Organization’s Information Security Needs
  • 1.1.1. Identifying the Optimum Information Security Framework
  • 1.1.2. Designing Security Controls
  • 1.1.3. Control Lifecycle Management
  • 1.1.4. Control Classification
  • 1.1.5. Control Selection and Implementation
  • 1.1.6. Control Catalog
  • 1.1.7. Control Maturity
  • 1.1.8. Monitoring Security Controls
  • 1.1.9. Remediating Control Deficiencies
  • 1.1.10. Maintaining Security Controls
  • 1.1.11. Reporting Controls
  • 1.1.12. Information Security Service Catalog

2. Compliance Management

  • 2.1. Acts, Laws, and Statutes
  • 2.1.1. FISMA
  • 2.2. Regulations
  • 2.2.1. GDPR
  • 2.3. Standards
  • 2.3.1. ASD—Information Security Manual
  • 2.3.2. Basel III
  • 2.3.3. FFIEC
  • 2.3.4. ISO 00 Family of Standards
  • 2.3.5. NERC-CIP
  • 2.3.6. PCI DSS
  • 2.3.7. NIST Special Publications
  • 2.3.8. Statement on Standards for Attestation Engagements No. 16 (SSAE 16)

3. Guidelines, Good and Best Practices

  • 3.1. CIS
  • 3.1.1. OWASP

4. Audit Management

  • 4.1. Audit Expectations and Outcomes
  • 4.2. IS Audit Practices
  • 4.2.1. ISO/IEC Audit Guidance
  • 4.2.2. Internal versus External Audits
  • 4.2.3. Partnering with the Audit Organization
  • 4.2.4. Audit Process
  • 4.2.5. General Audit Standards
  • 4.2.6. Compliance-Based Audits
  • 4.2.7. Risk-Based Audits
  • 4.2.8. Managing and Protecting Audit Documentation
  • 4.2.9. Performing an Audit
  • 4.2.10. Evaluating Audit Results and Report
  • 4.2.11. Remediating Audit Findings
  • 4.2.12. Leverage GRC Software to Support Audits

5. Summary

Domain 3: Security Program Management & Operations

Domain 3: Security Program Management & Operations

1. Program Management

  • 1.1. Defining a Security Charter, Objectives, Requirements, Stakeholders, and Strategies
  • 1.1.1. Security Program Charter
  • 1.1.2. Security Program Objectives
  • 1.1.3. Security Program Requirements
  • 1.1.4. Security Program Stakeholders
  • 1.1.5. Security Program Strategy Development
  • 1.2. Executing an Information Security Program
  • 1.3. Defining and Developing, Managing and Monitoring the Information Security Program
  • 1.3.1. Defining an Information Security Program Budget
  • 1.3.2. Developing an Information Security Program Budget
  • 1.3.3. Managing an Information Security Program Budget
  • 1.3.4. Monitoring an Information Security Program Budget
  • 1.4. Defining and Developing Information Security Program Staffing Requirements
  • 1.5. Managing the People of a Security Program
  • 1.5.1. Resolving Personnel and Teamwork Issues
  • 1.5.2. Managing Training and Certification of Security Team Members
  • 1.5.3. Clearly Defined Career Path
  • 1.5.4. Designing and Implementing a User Awareness Program
  • 1.6. Managing the Architecture and Roadmap of the Security Program
  • 1.6.1. Information Security Program Architecture
  • 1.6.2. Information Security Program Roadmap
  • 1.7. Program Management and Governance
  • 1.7.1. Understanding Project Management Practices
  • 1.7.2. Identifying and Managing Project Stakeholders
  • 1.7.3. Measuring the Effectives of Projects
  • 1.8. Business Continuity Management (BCM) and Disaster Recovery Planning (DRP)
  • 1.9. Data Backup and Recovery
  • 1.10. Backup Strategy
  • 1.11. ISO BCM Standards
  • 1.11.1. Business Continuity Management (BCM)
  • 1.11.2. Disaster Recovery Planning (DRP)
  • 1.12. Continuity of Security Operations
  • 1.12.1. Integrating the Confidentiality, Integrity and Availability (CIA) Model
  • 1.13. BCM Plan Testing
  • 1.14. DRP Testing
  • 1.15. Contingency Planning, Operations, and Testing Programs to Mitigate Risk and Meet Service Level Agreements (SLAs)
  • 1.16. Computer Incident Response
  • 1.16.1. Incident Response Tools
  • 1.16.2. Incident Response Management
  • 1.16.3. Incident Response Communications
  • 1.16.4. Post-Incident Analysis
  • 1.16.5. Testing Incident Response Procedures
  • 1.17. Digital Forensics
  • 1.17.1. Crisis Management
  • 1.17.2. Digital Forensics Life Cycle

2. Operations Management

  • 2.1. Establishing and Operating a Security Operations (SecOps) Capability
  • 2.2. Security Monitoring and Security Information and Event Management (SIEM)
  • 2.3. Event Management
  • 2.4. Incident Response Model
  • 2.4.1. Developing Specific Incident Response Scenarios
  • 2.5. Threat Management
  • 2.6. Threat Intelligence
  • 2.6.1. Information Sharing and Analysis Centers (ISAC)
  • 2.7. Vulnerability Management
  • 2.7.1. Vulnerability Assessments
  • 2.7.2. Vulnerability Management in Practice
  • 2.7.3. Penetration Testing
  • 2.7.4. Security Testing Teams
  • 2.7.5. Remediation
  • 2.8. Threat Hunting

3. Summary

Domain 4: Information Security Core Competencies

Domain 4: Information Security Core Competencies

1. Access Control

  • 1.1. Authentication, Authorization, and Auditing
  • 1.2. Authentication
  • 1.3. Authorization
  • 1.4. Auditing
  • 1.5. User Access Control Restrictions
  • 1.6. User Access Behavior Management
  • 1.7. Types of Access Control Models
  • 1.8. Designing an Access Control Plan
  • 1.9. Access Administration

2. Physical Security

  • 2.1. Designing, Implementing, and Managing Physical Security Program
  • 2.1.1. Physical Risk Assessment
  • 2.2. Physical Location Considerations
  • 2.3. Obstacles and Prevention
  • 2.4. Secure Facility Design
  • 2.4.1. Security Operations Center
  • 2.4.2. Sensitive Compartmented Information Facility
  • 2.4.3. Digital Forensics Lab
  • 2.4.4. Datacenter
  • 2.5. Preparing for Physical Security Audits

3. Network Security

  • 3.1. Network Security Assessments and Planning
  • 3.2. Network Security Architecture Challenges
  • 3.3. Network Security Design
  • 3.4. Network Standards, Protocols, and Controls
  • 3.4.1. Network Security Standards
  • 3.4.2. Protocols

4. Certified Chief

  • 4.1.1. Network Security Controls
  • 4.2. Wireless (Wi-Fi) Security
  • 4.2.1. Wireless Risks
  • 4.2.2. Wireless Controls
  • 4.3. Voice over IP Security

5. Endpoint Protection

  • 5.1. Endpoint Threats
  • 5.2. Endpoint Vulnerabilities
  • 5.3. End User Security Awareness
  • 5.4. Endpoint Device Hardening
  • 5.5. Endpoint Device Logging
  • 5.6. Mobile Device Security
  • 5.6.1. Mobile Device Risks
  • 5.6.2. Mobile Device Security Controls
  • 5.7. Internet of Things Security (IoT)
  • 5.7.1. Protecting IoT Devices

6. Application Security

  • 6.1. Secure SDLC Model
  • 6.2. Separation of Development, Test, and Production Environments
  • 6.3. Application Security Testing Approaches
  • 6.4. DevSecOps
  • 6.5. Waterfall Methodology and Security
  • 6.6. Agile Methodology and Security
  • 6.7. Other Application Development Approaches
  • 6.8. Application Hardening
  • 6.9. Application Security Technologies
  • 6.10. Version Control and Patch Management
  • 6.11. Database Security
  • 6.12. Database Hardening
  • 6.13. Secure Coding Practices

7. Encryption Technologies

  • 7.1. Encryption and Decryption
  • 7.2. Cryptosystems
  • 7.2.1. Blockchain
  • 7.2.2. Digital Signatures and Certificates
  • 7.2.3. PKI
  • 7.2.4. Key Management
  • 7.3. Hashing
  • 7.4. Encryption Algorithms
  • 7.5. Encryption Strategy Development
  • 7.5.1. Determining Critical Data Location and Type
  • 7.5.2. Deciding What to Encrypt
  • 7.5.3. Determining Encryption Requirements
  • 7.5.4. Selecting, Integrating, and Managing Encryption Technologies

8. Virtualization Security

  • 8.1. Virtualization Overview
  • 8.2. Virtualization Risks
  • 8.3. Virtualization Security Concerns
  • 8.4. Virtualization Security Controls
  • 8.5. Virtualization Security Reference Model

9. Cloud Computing Security

  • 9.1. Overview of Cloud Computing
  • 9.2. Security and Resiliency Cloud Services
  • 9.3. Cloud Security Concerns
  • 9.4. Cloud Security Controls
  • 9.5. Cloud Computing Protection Considerations

10. Transformative Technologies

  • 10.1. Artificial Intelligence
  • 10.2. Augmented Reality
  • 10.3. Autonomous SOC
  • 10.4. Dynamic Deception
  • 10.5. Software-Defined Cybersecurity

11. Summary

Domain 5: Strategic Planning, Finance, Procurement and Vendor Management

Domain 5: Strategic Planning, Finance, Procurement and Vendor Management

1. Strategic Planning

  • 1.1. Understanding the Organization
  • 1.1.1. Understanding the Business Structure
  • 1.1.2. Determining and Aligning Business and Information Security Goals
  • 1.1.3. Identifying Key Sponsors, Stakeholders, and Influencers
  • 1.1.4. Understanding Organizational Financials
  • 1.2. Creating an Information Security Strategic Plan
  • 1.2.1. Strategic Planning Basics
  • 1.2.2. Alignment to Organizational Strategy and Goals
  • 1.2.3. Defining Tactical Short, Medium, and Long-Term Information Security Goals
  • 1.2.4. Information Security Strategy Communication
  • 1.2.5. Creating a Culture of Security

2. Designing, Developing, and Maintaining an Enterprise Information Security Program

  • 2.1. Ensuring a Sound Program Foundation
  • 2.2. Architectural Views
  • 2.3. Creating Measurements and Metrics
  • 2.4. Balanced Scorecard
  • 2.5. Continuous Monitoring and Reporting Outcomes
  • 2.6. Continuous Improvement
  • 2.7. Information Technology Infrastructure Library (ITIL) Continual Service Improvement (CSI)

3. Understanding the Enterprise Architecture (EA)

  • 3.1. EA Types
  • 3.1.1. The Zachman Framework
  • 3.1.2. The Open Group Architecture Framework (TOGAF)
  • 3.1.3. Sherwood Applied Business Security Architecture (SABSA)
  • 3.1.4. Federal Enterprise Architecture Framework (FEAF)

4. Finance

  • 4.1. Understanding Security Program Funding
  • 4.2. Analyzing, Forecasting, and Developing a Security Budget
  • 4.2.1. Resource Requirements
  • 4.2.2. Define Financial Metrics
  • 4.2.3. Technology Refresh
  • 4.2.4. New Project Funding
  • 4.2.5. Contingency Funding
  • 4.3. Managing the information Security Budget
  • 4.3.1. Obtain Financial Resources
  • 4.3.2. Allocate Financial Resources
  • 4.3.3. Monitor and Oversight of Information Security Budget
  • 4.3.4. Report Metrics to Sponsors and Stakeholders
  • 4.3.5. Balancing the Information Security Budget

5. Procurement

  • 5.1. Procurement Program Terms and Concepts
  • 5.1.1. Statement of Objectives (SOO)
  • 5.1.2. Statement of Work (SOW)
  • 5.1.3. Total Cost of Ownership (TCO)
  • 5.1.4. Request for Information (RFI)
  • 5.1.5. Request for Proposal (RFP)
  • 5.1.6. Master Service Agreement (MSA)
  • 5.1.7. Service Level Agreement (SLA)
  • 5.1.8. Terms and Conditions (T&C)
  • 5.2. Understanding the Organization’s Procurement Program
  • 5.2.1. Internal Policies, Processes, and Requirements
  • 5.2.2. External or Regulatory Requirements
  • 5.2.3. Local Versus Global Requirements
  • 5.3. Procurement Risk Management
  • 5.3.1. Standard Contract Language

6. Vendor Management

  • 6.1. Understanding the Organization’s Acquisition Policies and Procedures
  • 6.1.1. Procurement Life cycle
  • 6.2. Applying Cost-Benefit Analysis (CBA) During the Procurement Process5
  • 6.3. Vendor Management Policies
  • 6.4. Contract Administration Policies
  • 6.4.1. Service and Contract Delivery Metrics
  • 6.4.2. Contract Delivery Reporting
  • 6.4.3. Change Requests
  • 6.4.4. Contract Renewal
  • 6.4.5. Contract Closure
  • 6.5. Delivery Assurance
  • 6.5.1. Validation of Meeting Contractual Requirements
  • 6.5.2. Formal Delivery Audits
  • 6.5.3. Periodic Random Delivery Audits
  • 6.5.4. Third-Party Attestation Services (TPRM)

7. Summary

Meet your Instructor:

What CCISO Students are Saying

About the Exam

There are three cognitive levels tested on the CCISO exam but only two tested on the EISM exam:

  • Level 1 – Knowledge: This cognitive level of questions is used to recall memorized facts. This is the most basic cognitive level rarely accepted on certifications as it merely recognizes the candidate’s ability to memorize information. It can be effectively used when asking for basic definitions, standards or any concrete fact. This level appears on both the CCISO and EISM exam.
  • Level 2 – Application: This cognitive level of questions is used to identify the candidate’s ability to understand the application of a given concept. It differs from Knowledge based questions in the sense that it requires the understanding and correct applicability of a given concept – not just the concept itself. This type of question often quires additional context before the actual question is provided in the stem. This level appears on both the CCISO and EISM exam.
  • Level 3 – Analysis: This cognitive level of questions is used to identify the candidate’s ability to identify and resolve a problem given a series of variables and context. Analysis questions differ greatly from Application based questions in the sense that they require not only the applicability of a concept but also how a concept, given certain constrain can be used to solve a problem. This level appears on the CCISO and not on the EISM exam.

Passing Score

In order to maintain the high integrity of our certifications exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 78%.

Exam Details

Number of Questions: 150

Test Duration: 2.5 Hours

Test Format: Multiple Choice

Test Delivery: ECC Exam Portal

Minimum Eligibility Requirements

In order to qualify to sit for the CCISO Exam without taking any training, candidates must have five years of experience in each of the 5 CCISO domains  verified via the Exam Eligibility Application.

To sit for the exam after taking training, candidates must have five years of experience in three of the five CCISO Domains verified via the Exam Eligibility Application.

Waivers for the CCISO are available to Self-Study Candidates

Domain Education Waivers
1. Governance and Risk Management Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years
2. Information Security Controls, Compliance, and Audit Management Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years
3. Security Program Management & Operations Ph.D. Information Security – 3 years, MS Information Security or MS Project Management – 2 years, BS Information Security – 2 years
4. Information Security Core Competencies Ph.D. Information Security – 3 years, MS Information Security – 2 years, BS Information Security – 2 years
5. Strategic Planning, Finance, Procurement, and Vendor Management CPA, MBA, M. Fin. – 3 years

About Certified Project Management

CPM training is an end-to-end project management course that enables professionals track, analyze, optimize, and automate their day-to-day operations by using digital tools and technical advancements provided in this course! CPM is developed in line with the latest industry trends to help current and aspiring Project Managers to achieve their performance objectives through digital technologies.

About Risk Management Approach and Practice Deep Dive

This risk management course is specifically designed to guide a CISO in defining and implementing a risk management approach within an IS program. The course introduces the student to the most common approaches and practices used by organizations worldwide. It is not intended to cover risk outside of the IS enterprise (including financial and business risks).

About the Risk Management Course Content

This risk management course covers the following main subject areas:

  • Risk Management
  • Risk Treatment
  • Risk Management Frameworks
  • Third-Party Risk Management

When the main subject areas are combined, they create an effective risk management program to establish the foundation to protecting information and assets. The specific focus of this course doesn’t allow covering certain topics. Subject areas related to risk––such as threat and vulnerability management, as well as information security controls––simply cannot be covered within the scope of this course.

About Oh Phish

OhPhish is a great way for CCISOs to jumpstart the security awareness programs at their companies at no cost. OhPhish is a simple and user-friendly solution for driving phishing simulations and online trainings. Launching phishing simulations is made easy through pre-existing phishing templates and connectors for authoritative identity repositories (like Active Directory). The solution not only sends customized emails and campaigns, but also tracks responses and actions (like clicking links or opening attachments) in real time, giving trends as well as detailed reports by user, department, or other key demographics.

About CSCU

The Certified Secure Computer User (CSCU) course will immerse students into an interactive environment where they will acquire a fundamental understanding of various computer and network security threats such as identity theft, credit card fraud, online banking phishing scams, virus and backdoors, emails hoaxes, sex offenders lurking online, loss of confidential information, hacking attacks and social engineering.

About the Global CISO Forum

EC-Council’s Global CISO Forum is an invite-only, closed-door event gathering the highest-level executives from across industries and countries to discuss the most pressing issues in information security. Now in its tenth year, the 2020 Global CISO Forum promises to be the best yet with an exciting mix of industries, formats, and interactive presentations.

Past speakers include Erick Rudiak, CISO of Express Scripts; Juan Gomez-Sanchez, CSO of Lennar; Lois Boliek, Director, Security and Risk Management Practice, Hewlett Packard Enterprise; Stuart D. Smith, Enterprise Security Architect for Delta Air Lines; Gary Harbison, CISO of Monsanto; Karthik Swarnam, CISO of Trans Union; Amar Singh, CISO of News International; Curtis Levinson, US Cyber Defense Liaison to NATO; Erin Owens, CISO of Maxim Healthcare; Illyas Kooliyankal, CISO of Abu Dhabi Security Exchange; Anthony Dupree, Chief Information Security Officer and Chief Information Officer for CareerBuilder; Phil Agcaoili, CISO, Elavon & SVP, U.S. Bank; Clarissa Banks, VP, COO – Information Security, E*TRADE; Peter Chronis; CISO, Turner; Mark Sutton, Vice President, CISO, Bain Capital, LP; and many others.

Attendee Feedback from previous Global CISO Forum events:

  • “Excellent insight into an alternate definition on risk and how to answer the question “Are we secure?”
  • “A great combination of solid theory and actionable guidance.”
  • “A discussion of maturity rarely reaches that level of depth and practical application.”
  • “… I got a great idea during the panel discussion for an IP awareness campaign.”
  • “That’s why I come to these things…smart people with great angles on who to improve security incrementally.”

  • “… differing views are best made available in conferences such as the EC-Council CISO Summit. Within these venues, lively discussions explore topics that are of interest to all security managers.”
  • “EC Council’s CISO Summit is an excellent opportunity to interface with not only some of the largest organizations but also the smaller ones as well.”
  • “It was a truly wonderful event. It’s very healthy for information security executives and professionals to get together to share what’s working in their own organization for the betterment of other organizations as well.”
  • “… very well organized with a good mix of talent from diverse industries. The topics were excellent and targeted to the need of the industry today.”

Cybersecurity Meet Up (for live in-person only)

Due to COVID-19, the meet up events have been cancelled/postponed.

EC-Council will host a live meet up the Wednesday evening of the course. The Meet up will be kicked off with a demo presentation given by the instructor and/or a local industry leader. Cybersecurity professionals from all over the region will be invited to network with industry professionals.