C/CISO (Certified Chief Information Security Officer)
5-day training to become a Certified Chief Information Security Officer (C/CISO). C/CISO is the first and only certification in the world for CISOs and aspiring CISOs!
C/CISO v3 (Certified Chief Information Security Officer) – mode of study
Option 1: 5-day in-class training (including the official EC-Council C/CISO exam)
Option 2: live online (remote) with online remotely proctored exam
Option 3: in-company training
Why become a Certified Chief Information Security Officer (C/CISO)?
Organizations are increasingly in need of a new set of skills and processes to ensure the security of information at a scale that will be required tomorrow. As a C/CISO, you possess the proven knowledge and experience to plan and oversee information security for the entire corporation. The C/CISO certification is the right choice for you and your career if you:
- Aspire to attain the most respected title within the information security profession: CISO
- Already serve as an official CISO, or
- Perform the CISO role in your organization without the official title
C/CISO at a glance
- C/CISO is the world's first and only certification for CISOs and aspiring CISOs
- C/CISO is globally recognized and backed by more than 1,500 C/CISOs around the globe
- The C/CISO content is mapped against NICE (National Initiative for Cyber Security Education)
- C/CISO is ranked in the top 5 among 800 certifications based on salary package
Why is the C/CISO certification important for an organization?
The C/CISO certification assures organizations that their certified professionals possess the necessary skills to identify factors that pose a risk to the successful operation of the organization and develop and implement technical, operational and procedural safeguards to manage those risks. C/CISOs are the leadership force that will protect the organization from undesired and costly security breaches by designing information security programs and leading a team of information security professionals.
C/CISO – top-level certification training for Chief Information Security Officers
This 5-day C/CISO training has certified numerous leading information security professionals around the world. It is the first training and certification program of its kind aimed at producing top-level information security leaders. The C/CISO training does not focus solely on technical knowledge, but on the application of information security management principles from an executive management point of view. The program was developed by seasoned CISOs for current and aspiring CISOs.
The C/CISO program assumes a high-level understanding of technical topics and does not spend much time on strictly technical information, but rather on applying this technical knowledge in an information security executive's daily work. The C/CISO training aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many aspiring CISOs have. The program is comprised of 3 components: training, the Body of Knowledge (BoK), and the C/CISO exam. The training consists of individualized instruction, hands-on labs, group exercises, and self testing. On the last training day, you will participate in an interactive Cyber Wargame in which a cyber incident is simulated and dealt with from a CISO's perspective.
EC-Council is the world's largest cyber security technical certification body and operates in more than 145 countries globally. EC-Council has trained and certified over 200,000 information security professionals worldwide. EC-Council is the owner and developer of the world-famous Certified Ethical Hacker (CEH) training and certification, Certified Security Analyst (ECSA)/Licensed Penetration Tester (LPT), and Certified Threat Intelligence Analyst (C/TIA), among many others.
Who should be C/CISO trained and certified?
C/CISO is the step anyone interested in an executive career in information security should take after completing certification trainings like CISSP, CISA, CISM, etc. If you are working in a CISO position or want to work in one, this is the training for you. The C/CISO designation is well-known, highly respected and often a certification requirement for professionals like security managers, security administrators, network engineers with a specialization in security, security specialists, security analysts, security engineers, security architects, risk officers, IT auditors, and many other information security professionals.
What will you learn?
Upon completion of this C/CISO training, you will accomplish the following:
- Define, implement and manage an information security governance program that includes leadership, organizational structures and processes
- Assess the major enterprise risk factors for compliance
- Design and develop a program to monitor firewalls and identify firewall configuration issues
- Identify vulnerabilities and attacks associated with wireless networks and manage different wireless network security tools
- Deploy and manage anti-virus systems
- Understand various system-engineering practices
- Identify the volatile and persistent system information
- Develop and manage an organizational digital forensic program
- Identify the best practices to acquire, store and process digital evidence
- Define Key Performance Indicators (KPIs) and measure effectiveness on a continuous basis
- Allocate financial resources to projects, processes, and units within an information security program
- Identify and report financial metrics to stakeholders
- Understand the IA security requirements to be included in statements of work and other appropriate procurement documents
About the C/CISO domains
C/CISOs are certified in the knowledge of and experience in the following C/CISO domains:
- Domain I - covers policy, legal and compliance issues involved in the executive management of an information security program
- Domain II - is connected with audit and risk management, including understanding your organization's risk tolerance and managing accordingly
- Domain III - covers many of the day-to-day aspects of the CISO job including project, technology, and operations management
- Domain IV - delves into the technology of the CISO's role but from an executive perspective
- Domain V - covers finance and strategic management, some of the key skills that help CISOs rise to the level of their peer C-level executives
There are no prerequisites to attend the C/CISO training. However, in order to sit the C/CISO exam, you must demonstrate 5 years of experience in 3 of the 5 C/CISO domains, verified via the EC-Council's exam eligibility application. You can substitute some of the experience requirements with experience waivers. These are available for some professional certifications, including CISSP, CISM, CISA, CRISC, CGEIT, LPT, EDRP, CIPP, PMP, ITIL and relevant higher education qualifications.
Not yet qualified to take the C/CISO exam?
Should you not meet the minimum requirements for the C/CISO exam, you can still take the C/CISO training, but only those who qualify will be issued a C/CISO exam voucher. If you do not have the years of experience required for the C/CISO exam, you can take the EC-Council Information Security Manager (EISM) exam after the C/CISO training. EC-Council Information Security Managers (EISMs) may apply for the C/CISO exam once they have attained the required years of experience. The eligibility application fee is waived and EISMs will receive a 50% discount on the regular C/CISO exam fee.
About the C/CISO exam
EC-Council's exam to become a Certified Chief Information Security Officer (C/CISO) is scenario-based and consists of 150 multiple-choice questions. The exam takes 2.5 hours. The passing score is 72%. The delivery is computer-based and proctored by Pearson VUE at over 4,000 global testing centers, including our training location. You can also choose to take the exam online, remotely proctored, in the comfort of your own working environment or at home.
P.S. Should you not pass the C/CISO exam the first time, you may re-attend the C/CISO training for free (within a period of one year).
Level of the training
The C/CISO training is taught at Bachelor level.
Renewal of your C/CISO certification
Your C/CISO certification is valid for a period of 3 years. To renew your C/CISO certification you must satisfy the continuing education requirements of EC-Council and remit a renewal fee of USD 100.
Extra – free trial of phishing tool
As an attendee of the C/CISO training you will receive a free e-mail phishing simulation tool to protect your workplace (up to 1,000 users) from phishing attacks. The OnPhish Learning Management System consists of numerous templates and interactive e-learning modules. In addition, you will receive 12 editions of the EC-Council e-magazine CISO MAG for free.
Interesting trainings for you!
The following trainings could be relevant for you and/or your colleagues:
- Cybersecurity Fundamentals certification
- Cyber Security Audit training and certification
- Cloud Security (CCSK) - public training or online
- Certified Cloud Security Professional (CCSP)
- CISSP certification training
- ISO 31000 Risk Management
- Certified ISO 27005 Risk Manager
- Identity management & Access Control (IAM)
- Certified Ethical Hacker
- Cyber Security for Industrial Automation (ICS/SCADA) and OT
With at least 5 participants, an in-house training could be your best choice. An in-company training, customized to the needs of your organization, has many advantages. It:
- saves you and your colleagues time
- enables you to train in the comfort of your own working environment
- saves travel and accommodation expenses
- can be arranged at a date and time convenient for you
- allows sensitive issues to be discussed openly since no outsiders are present
Do you prefer an in-company training? Please contact us for more information. We are more than happy to discuss the various possibilities with you.
C/CISO (Certified Chief Information Security Officer) – program
Governance and risk management
- Define, implement, manage, and maintain an information security governance program
- Information security drivers
- Establishing an information security management structure
- Laws, regulations, standards as drivers of organizational policy, standards, procedures
- Managing an enterprise information security compliance program
- Risk management
Information security controls, compliance, and audit management
- Information security controls
- Compliance management
- Guidelines, good and best practices
- Audit management
Security program management and operations
- Program management
- Operations management
Information security core competencies
- Access controls
- Physical security
- Network security
- Endpoint protection
- Application security
- Encryption technologies
- Virtualization security
- Cloud computing security
- Transformative technologies
Strategic planning, finance, procurement, and vendor management
- Strategic planning
- Designing, developing, and maintaining an enterprise information security program
- Understanding the Enterprise Architecture (EA)
- Vendor management
Your instructor is a very experienced EC-Council accredited and certified trainer.
The C/CISO training takes 5 days and is offered in-class or remote/live online (your choice). The C/CISO in-class training will be organized close to Amsterdam on the following dates:
- 22 - 26 January 2024
- 25 - 29 March 2024
- 13 - 17 May 2024
- 1 - 5 July 2024
- 16 - 20 September 2024
- 4 - 8 November 2024
Fee / Registration
The fee for the 5-day C/CISO training is € 3,950. The fee includes all lunches, coffee/tea, the official EC-Council C/CISO study guide and the C/CISO exam (value about € 1,000). Should you fail to pass the C/CISO exam the first time, you may re-attend the C/CISO training within a period of 1 year for free. Please choose between the public in-class 5-day training and the live online (remote) version of the C/CISO training.