The Courses listed below are official EC-Council courses. Don’t see dates in your area? Click here to see authorized training center CCISO courses.
Instructor: Eric Svetcov
Duration: 5 DAYS
Certification: C|CISO Certified Chief Information Security Officer
The Certified CISO (C|CISO) course has certified leading information security professionals around the world and is the first of its kind training and certification program aimed at producing top-level Information Security Leaders. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by seasoned CISOs for current and aspiring CISOs.
C|CISO Material assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work. The C|CISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many aspiring CISOs have. This can be a crucial gap as a practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on the job training, but the C|CISO Training Program can be the key to a successful transition to the highest ranks of information security management.
Eric is currently the CSO at MedeAnalytics, a leading Cloud Computing company delivering services for the healthcare system (including hospitals, physician practices, and payers). He has extensive experience working in operations and information security for Cloud Computing companies, including taking Salesforce.com through ISO 27001 certification during his 2 year stint as Information Security Director and running operations for two other Cloud Computing companies, Netfile and Grassroots Enterprise. His experience stretches beyond US borders as he spent two years in New Zealand leading the National Information Security and Business Continuity practice for KPMG and then working for NTT/Dimension Data in New Zealand and Singapore where he led the Incident Response and Computer Forensics practice for Asia/Pac. Eric has published articles on Information Security and IT in various magazines including Computerworld, SC Magazine, Inside Homeland Security, and Windows NT Systems, has presented training programs in many countries around the world, and is a regular speaker at industry events in the United States, Asia, and Oceania.
Domain 1 covers the importance of Governance, including solid policy writing, aligning the security program to industry-recognized frameworks, and adhering to sometimes contradicting law and regulations.
Domain 2 focuses on Management Controls, Audit Management, and Risk Management, leading students through detailed examples of how to run an audit as well as implement audit findings, choosing the correct management controls for each situation, and the importance of understanding asset value, risk tolerance, and risk treatment plans.
Domain 3 focuses on what makes up the bulk of a CISO’s day – Project Management and the importance of ensuring information security is part of projects from their inception.
Domain 4 is the only CCISO Domain that focuses on technical topics as a high level of technical proficiency is assumed of all CCISO students. Domain 4 stresses the importance of understanding technology and information security core concepts in order to lead teams of technicians and analysts and make decisions around technology issues. Technical issues are addressed from an executive point of view.
Domain 5 consists of content regarding leadership, aligning security programs to the overall goals of the business, strategic management, executive buy-in, financial management and much more. Domain 5’s content sets the CCISO program apart from all other infosec management certifications on the market by teaching the content that technical CISOs are usually lacking.
The C|CISO Exam was developed by practicing CISOs and based on the real-world scenarios professionals from across industries have faced while securing some of the most prestigious organizations in the world. The C|CISO Exam is available at Pearson VUE testing centers around the world. Applicant’s knowledge in all five of the C|CISO Domains will be tested on the exam that focuses on scenario-based questions and requires applicants to apply their real-world experience in order to answer successfully. To that end, in order to qualify to sit for the C|CISO Exam after taking the CCISO class, applicants have at least 5 years of information security experience in 3 or more of the CCISO Domains. Any student lacking this experience may take the EC-Council Information Security Management (EISM: https://ciso.eccouncil.orgcciso-certification/eism-program/) exam and earn the EISM certification. In order to sit for the C|CISO exam and earn the certification, candidates must meet the basic C|CISO requirements. Candidates who do not yet meet the C|CISO requirements but are interested in information security management can pursue the EC-Council Information Security Management (EISM) certification.