InfoSafe Academy

EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of highlevel information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.

The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

In order to sit for the CCISO exam and earn the certification, candidates must meet the basic CCISO requirements. Candidates who do not yet meet the CCISO requirements but are interested in information security management can pursue the EC-Council Information Security Management (EISM) certification.

The CCISO is for information security executives aspiring to be CISOs through refining their skills and learning to align information security programs with business goals and objectives. This program also encourages existing CISOs to improve their technical and management skills, as well as business procedures.

Accredited by ANSI

Compliant to the NICE Framework

It brings together all the components required for a C-Level position

Focuses on the application of technical knowledge

Bridges the Gap between Technical Knowledge, Executive Management, and Financial Management

Recognizes the Importance of Real-World Experience

Designed by the Experts

The program focuses on five domains to bring together all the components required for a C-Level position. It combines governance, security risk management, controls, audit management, security program management and operations, information-security core concepts, and strategic planning, finance, and vendor management––skills that are vital to leading a highly successful information security program.

The five domains were mapped in alignment to the NICE Cybersecurity Workforce Framework (NCWF), a national resource that categorizes and describes cybersecurity work, listing common sets of duties and skills needed to perform specific tasks.

The framework consists of seven highly important categories; one of which is “Oversight and Development” and deals with leadership, management, direction, and advocacy. It was upon these requirements that the CCISO program was created, with skill development courses in legal advice and advocacy, strategic planning and policy development, Information Systems Security Operations (ISSO), and Security Program Management (CISO) being 95% related to the NCWF.

• New sections covering GDPR

• Enhanced focus on Risk Management frameworks including NIST, TARA, OCTAVE, FAIR, COBIT, and ITIL

• More emphasis on Vendor Management

• Deep dive into Contract Management

• Step-by-step instructions on building and maturing a Security Program

• A CISO-level view of transformative technologies like Artificial Intelligence, Augmented Reality, Autonomous SOCs, Dynamic Deception, and more!

• Strategic planning deep dives