Raising Cybersecurity Awareness: EC-Council’s Mission to Educate and Prepare Global Professionals
CXOToday has engaged in an exclusive interview with Jay Bavisi, CEO & President, EC-Council Group
How did EC-Council, the inventor of the Certified Ethical Hacker program, become a global brand in cybersecurity education and training, and what drives its growth story in transforming the sector over the past 20 years?
Back in 2001, after watching the 9/11 attack on the World Trade Center unfold, I pondered the question what if a similar attack were to be carried out on the cyber battlefield? Would the information security community have the tools and resources at its disposal to combat such an attack? At that time, the answer was no. As an answer, EC-Council was formed for creating cutting-edge information security training and certification programs to protect the interconnected world from potential cyber dangers.
In 2003, we became the frontrunners, with the introduction of the Certified Ethical Hacker (C|EH) certification. For over two decades, we’ve been at the forefront of the cybersecurity education revolution, empowering professionals in over 140 countries. In today’s world, where widespread layoffs are affecting countless individuals, many of our C|EH professionals are enjoying salaries three times higher than the average. Moving further, in 2006 we created our university – ECCU, and in 2010, we achieved an important milestone when the U.S. Department of Defense recognized the Certified Ethical Hacker program within directive 8570.
As the digital world became increasingly complex, our unwavering mission was to create a cyber-literate workforce across the globe. To achieve this, we offer specialized courses in areas like Vulnerability Assessment & Pen Testing, Network Defense, Incident Handling & Response, Application Security, and Blockchain as well as the Certified Cyber Security Technician (C|CT) program for career starters.
Also after recognizing the mounting cybersecurity challenges and the critical role of awareness in preventing cyber vulnerability, we decided to create a platform to educate individuals on the essentials of cybersecurity. Thus, CodeRed – the world’s largest online cybersecurity library – was launched in 2019. Through CodeRed, individuals are able to acquire vital cybersecurity skills, ranging from ethical hacking basics and programming fundamentals to advanced penetration testing and digital forensics.
For over two decades, EC-Council has played a vital role in the cybersecurity sector by offering comprehensive training and certification programs. These initiatives have not only raised cybersecurity awareness but also enhanced the expertise of professionals globally. Our enduring aspiration has been to position ourselves as the go-to choice for individuals seeking cybersecurity education, and we are constantly striving to create a meaningful impact by training individuals and professionals to be cyber-ready.
What are EC-Council’s goals for the next 5 years in advancing its mission of transforming the cybersecurity education sector, and how will the company continue to innovate and lead in the industry?
With EQT, one of the world’s top 5 private equity companies, on board, EC-Council aims to further strengthen its position as a global leader in cybersecurity training and certification. Our goals for the next 5 years include advancing its mission of transforming the cybersecurity education sector through continued innovation and leadership in the industry. The company plans to expand its offerings to meet the evolving needs of cybersecurity professionals, with a particular focus on emerging technologies such as artificial intelligence (AI) and machine learning (ML). EC-Council aims to develop new programs and certifications that incorporate AI and ML to help professionals stay ahead of cyber threats and protect the digital world. In addition to expanding its offerings, EC-Council plans to deepen its global reach by forging strategic partnerships and expanding its network of authorized training centers. Through these efforts, the company hopes to create a thriving community of ethical cybersecurity professionals who are equipped with the knowledge and skills necessary to address the complex challenges of the cybersecurity landscape.
How has EC-Council’s Certified Ethical Hacker program transformed the cybersecurity education sector, and what is the vision for creating a global community of ethical cybersecurity professionals?
As the inventor of the Certified Ethical Hacker (C|EH) program, our vision was to inspire a global community of cybersecurity professionals who are dedicated to protecting the digital world, fostering collaboration, and staying ahead of the ever-evolving cyber threat landscape. We recognized that the rapidly evolving landscape of technology and cyber threats demanded a proactive, rather than reactive, approach to cybersecurity.
The primary objective of the C|EH program is to “beat hackers at their own game” by training a new generation of cybersecurity professionals who not only possess the technical knowledge but also the ethical mindset to combat cyber threats effectively. The C|EH program stands out as the pioneer program of its kind with the newly introduced four-phase learning framework, “Learn, Certify, Engage, and Compete,” which enables trainees to not only gain knowledge but also apply their skills in practical situations.
By emphasizing the importance of ethical behavior in cybersecurity and ensuring that certified professionals would use their skills for good rather than engaging in malicious activities, the focus on ethics has remained a cornerstone of the program and has contributed to its widespread recognition and respect in the industry. I am proud to say that we have trained and certified over 300,000 professionals, and we are playing a vital role in making the digital world a safer place for all.
As the cybersecurity skills gap continues to pose a major challenge for businesses and organizations, how does EC-Council tackle the issue of bridging the gap between education and industry? Additionally, what is the aim behind EC-Council’s recently announced C|CT scholarship for career starters?
The rapid evolution of technology and cyber threats has led to a significant skills gap in the cybersecurity industry. Cybersecurity jobs evolve very fast, and we need professionals that have a broad range of skills that can be deployed in the real world. EC-Council’s cybersecurity education approach focuses on providing trainees with the practical skills and knowledge they need to succeed in the industry.
As you may know, there could be around 6 million job openings in cybersecurity worldwide by 2023. And in the U.S., the number of cybersecurity-related jobs is projected to grow by 31% from 2019 to 2029, as projected by the Bureau of Labor Statistics, which is faster than the average for all other jobs. That’s an estimated 40,900 more jobs in cybersecurity during that period.
The demand is enormous, hence, to address the critical cybersecurity workforce gap and growing demand for a cyber-trained workforce, we recently announced a $3.5 million scholarship fund to provide full tuition certification scholarships to high school students, university students, and working professionals to become Certified Cybersecurity Technicians. The initiative aims to infuse trained, cyber-literate, and solution-focused professionals into organizations globally and intends to create 10,000 qualified entry-level Certified Cybersecurity Technicians to help meet the massive cybersecurity workforce gap.
With the help of the Certified Cybersecurity Technician program, aspiring cybersecurity professionals can pursue jobs as cybersecurity consultants, consultants, network engineers, and IT administrators. The C|CT covers the basics of data security, network security, computer forensics, risk management, incident handling, and industry best practices.
Those who are part of the C|CT program will get access to the complete authorized syllabus, as well as online courseware that involves 22 interactive modules. This consists of 200 hours of video lessons, 85 practical lab sessions, capture-the-flag (CTF) exercises, 2,400 pages of content (including 900 pages of lab guides), and a voucher for a certification examination.
What are the in-demand cybersecurity skills for 2023?
The field of cybersecurity is intricate and involves a range of tasks, such as detecting vulnerabilities and addressing potential threats in networks, systems, and software, as well as retrieving data that may have been lost due to a cyber attack. Cybersecurity is an essential aspect of a modern-day technology-driven society. Despite its complexity, individuals who are motivated and interested in technology can develop cybersecurity skills and secure a well-paying job in this field. Here are some of the most in-demand cybersecurity skills:
- Network and System Administration Skills
- Cloud Security Skills
- Application Security Skills
- Penetration Testing
- Risk Assessment and Management Skills
- Digital Forensics and Incident Report
- Programming and Database language
- Data Security Skills
- Linux Skills
- Business Leadership skills
You also have the Certified Chief Information Security Officer (C|CISO) program. Does it prepare top-level information security executives to lead their organizations in navigating the complex and evolving cybersecurity landscape?
The program is designed to equip top-level executives with the necessary knowledge and skills to manage information security risks effectively and align them with business goals. The C|CISO program is globally recognized and has trained over 2,000 executives to date. The program has received accreditation from the American National Standards Institute (ANSI) and the National Initiative for Cybersecurity Education (NICE), making it one of the few information security programs with this level of accreditation. The C|CISO program is designed to meet the needs of today’s complex information security landscape, where organizations face sophisticated and evolving cyber threats. The program provides a practical and holistic approach to information security management, focusing on the development of core competencies and skills that are essential for top-level executives. The program’s curriculum is regularly updated to reflect the latest industry trends and best practices, ensuring that participants are equipped with the most current knowledge and skills.
Our survey revealed that 97% of C|CISO graduates said the program positively impacted their careers. 87% reported improved performance in their current roles, while 78% landed promotions or new jobs. Employers also value the C|CISO certification highly, with 93% of respondents saying it positively affects their hiring decisions. These results indicate that the program has had a substantial impact on the careers of top-level information security executives, enhancing their job prospects.
EC-Council’s latest C|EH Hall of Fame annual report is making waves. What does the report reveal about the current state and future direction of the cybersecurity industry?
The 2023 C|EH Hall of Fame Annual Report is a comprehensive and in-depth examination of the Certified Ethical Hacker (C|EH) community. This report is based on a detailed survey of more than 3,300 C|EH Hall of Fame applicants, providing valuable insight into the practical aspects of career advancement through the C|EH certification program and the real-world applications of ethical hacking skills.
One of the key takeaways from the report is that 80% of the honorees started their careers with the Certified Ethical Hacker (C|EH). According to the report, 50% of the C|EH-certified professionals received promotions after completing the C|EH.
92% of hiring managers prefer candidates with the C|EH for jobs that require ethical hacking skills, and 95% of our Hall of Fame respondents chose the C|EH for career growth.
Overall, the report provides an overview of the state of the cybersecurity industry in 2023, highlighting key challenges and achievements. It also examines the impact of the C|EH program on the careers and professional development of those in the community, including the 1,000 finalists and 100 awardees of the C|EH Hall of Fame honor.
As a cybersecurity learner, what makes EC-Council stand out for me, and how can their offerings give me an edge in achieving my professional aspirations?
We believe that we have created a niche in the education sector, and we have the first-mover advantage. Being a global leader in cybersecurity training, certification, and research, our approach is designed to give our trainees an edge in many ways, starting with our “learn, certify, engage, compete” framework.
This framework is all about ensuring that professionals and career starters are job-ready for the long term, by giving them plenty of hands-on learning experiences.
The first step is learning, which is to provide individuals/professionals with the necessary knowledge and skills to succeed in the field of cybersecurity. EC-Council offers a range of training courses and materials to help students learn about different aspects of cybersecurity, including ethical hacking, penetration testing, digital forensics, and incident response.
The second step is to provide certification programs to validate the skills and knowledge acquired through the learning process, followed by engaging students in real-world scenarios, allowing them to apply their skills and knowledge to solve practical cybersecurity problems. EC-Council offers a range of simulation exercises and challenges to provide students with hands-on experience in a safe and controlled environment.
The final step is to compete. We enable individuals to showcase their skills against other professionals in the cybersecurity industry. EC-Council offers various competitions, such as the Global CyberLympics and the EC-Council Certified Security Analyst (ECSA) Practical Exam, where participants can compete against their peers and demonstrate their expertise.
To make the learning experience robust, we have trainers who are highly experienced experts in their fields. They bring real-world experience to the classroom, which helps trainees to understand the practical applications of cybersecurity concepts. We offer a comprehensive curriculum that covers a broad range of cybersecurity topics. The curriculum is regularly updated to reflect the latest trends and developments in the industry.
With a global presence and training centers in over 150 countries, our global reach allows trainees to access training and certification programs from anywhere in the world, making it a convenient option for individuals seeking to advance their cybersecurity careers.
How has cybersecurity education/training evolved in the past few years?
Over the past few decades, with its perpetuity being one of the biggest changes, cybersecurity has undergone tremendous growth. While the growth in cyber threats is undeniable, as we progress in technology, the demand for skilled cybersecurity professionals will continue to increase. A report by Cybersecurity Ventures predicts that global spending on cybersecurity will exceed $1 trillion between 2021 and 2025, underscoring the need for robust cybersecurity education and training programs.
Due to the pandemic, there has been a significant impact on both the growth of online education as well as the escalation of cyber threats. With the rapid adoption of remote learning and online education, cybersecurity education has become more accessible to a diverse audience. As a result, various online courses, boot camps, and certification programs have emerged, catering to different skill levels and career paths.
Hence, in order to meet the growing demand for skilled professionals, universities and educational institutions have expanded their cybersecurity course offerings or established dedicated cybersecurity departments. This has resulted in a broader range of academic degrees and certifications, including associate and bachelor’s degrees, as well as master’s and doctoral programs.
Another factor that adds to the evolution of education or training in cybersecurity is the transformation in the teaching methodology. Instead of just theoretical concepts, cybersecurity education has shifted towards a more practical, hands-on approach. By incorporating real-world scenarios, simulations, and lab exercises, students and professionals get to develop practical skills that are relevant to their jobs.
Also most importantly, the collaboration between academia, industry, and government organizations, such as EC-Council, has played a critical role in the evolution of cybersecurity education.
The cybersecurity education landscape is constantly evolving, and with the rise of artificial intelligence (AI) and machine learning (ML), it has become even more complex. AI and ML have the potential to revolutionize cybersecurity by enabling faster and more accurate threat detection and response. Today, cybersecurity education has adapted to include these new areas of expertise, with universities and training programs offering multidisciplinary courses and training programs. Staying current with the latest developments is essential for effective cybersecurity, as threats become more sophisticated and frequent. Despite its complexity, the field remains fascinating and rewarding, and I’m excited to see where it will take us in the future.
