- This event has passed.
About the Program
Are you ready to take your cybersecurity leadership to the next level?
EC-Council’s Certified CISO Program has been used to certify leading information security and technology professionals around the world. The program focuses on five domains to bring together all the components required for effective security leadership. It combines governance, security risk management, controls, audit management, security program management and operations, information-security core concepts, and strategic planning, finance, and vendor management––skills that are vital to a successful security program.
The five CCISO domains align with the NICE Cybersecurity Workforce Framework (NCWF), a national resource that categorizes and describes cybersecurity work, listing common sets of duties and skills needed to perform specific tasks. This alignment supports the program’s accreditation from the American National Standards Institute (ANSI) and designation by the U.S. Department of Defense as an authorized certification for cybersecurity leaders.
CLASS-LLC has taken the program to the next level by adding round-table discussions, case studies, and workshop exercises that ensure the experience is valuable for all business, risk management, and technology leaders who have a cybersecurity role in their organizations. This course is the best training in the marketplace for existing CISOs, IT executives, middle managers, and aspiring security leaders.
Who This is For
The CCISO is for information security executives aspiring to be CISOs through refining their skills and learning to align information security programs with business goals and objectives. This program also encourages existing CISOs to improve their technical and management skills, as well as business procedures.
Eligibility & Certification
To be approved to take the CCISO exam without first taking certified training, you will need to show evidence and present verifiers to show that you have 5 years of experience in each of the five CCISO domains. Experience waivers are available for some industry-accepted certifications and CCISO Exam Eligibility Application Form higher education. Between certification and training waivers, applicants can only waive 3 years of experience for each domain. If you have taken training, you must show 5 years of experience in 3 of the 5 domains in order to take the CCISO exam.
Applicants found not qualified for the CCISO Exam may choose to take the EC-Council Information Security Manager (EISM) exam instead. The EISM exam is less challenging than the CCISO exam and leads to the EISM certification, which has no experience requirements but does require that you take CCISO training. Candidates that successfully pass the exam will receive their C|CISO certificate and community privileges Members are expected to adhere to recertification requirements through EC-Council’s Continuing Education Requirements.
The National Initiative for Cybersecurity Education (NICE)
United States Navy
American National Standards Institute (ANSI)
United States Army
GCHQ Certified Training (GCT)
United States Marine Corps
United States Department of Defense
United States Air Force
C|CISO Body of Knowledge
The EC-Council CCISO Body of Knowledge covers all five of the CCISO Information Security Management Domains in-depth and was written by seasoned CISOs for current and aspiring CISOs.
Elements That Make C|CISO One of a Kind
Accredited by ANSI
EC-Council has been accredited by the American National Standards Institute (ANSI) for its CCISO certification program. It is one of the few certification bodies whose primary specialization is information security in order to meet the ANSI/ISO/IEC 17024 Personnel Certification Accreditation standard.
Compliant to the NICE Framework
The five domains of the CCISO program are mapped to the NICE Cybersecurity Workforce Framework (NCWF), a national resource that categorizes and describes cybersecurity work, listing common sets of duties and skills needed to perform specific tasks.
It brings together all the components required for a C-Level position
The CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program.
Bridges the Gap between Technical Knowledge, Executive Management, and Financial Management
The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many aspiring CISOs have. This can be a crucial gap as practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on the job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.
Focuses on the application of technical knowledge
Material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work.
Recognizes the Importance of Real-World Experience
To reach a C-Level position, an information security officer must have prior experience to gain a holistic idea of what to expect while in the field. With this in mind, the CCISO program consists of many real-world experiences faced by current CISOs around the world. he CCISO exam also challenges students to develop a business continuity plan for a company in a given industry and situation, use metrics to communicate risk for different audiences, and describes how to align security programs with the goals of the business–among many other exercises.
Designed by the Experts
The CCISO Advisory board is comprised of practicing CISOs who designed the program based on their day-to-day experiences - based on both technical and management concerns. The board is made up of security leaders from Amtrak, HP, the City of San Francisco, Lennar, the Center for Disease Control, universities, and consulting firms who have contributed their vast knowledge to create this program to address the lack of leadership training in information security.