• Home
  • +91 8447121833 / 0120 4326873
  • Thanks for Contacting us Our representative will be in touch with you shortly

    This website uses cookies

    CCISO - Certified Chief Information Security Officer Training

    EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program. Enroll & Get Certified now!

    • ✔ Course Duration : 40 hrs
    • ✔ Training Options : Live Online / Self-Paced / Classroom
    • ✔ Certification Pass : Guaranteed

    CCISO - Certified Chief Information Security Officer Training

    EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program
    The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

    What you will Learn

    • Define, implement, and manage an information security governance program that includes leadership, organizational structures and processes.
    • Assess the major enterprise risk factors for compliance.
    • Design and develop a program to monitor firewalls and identify firewall configuration issues.
    • Identify vulnerability and attacks associated with wireless networks and manage different wireless network security tools.
    • Deploy and manage anti-virus systems.
    • Understand various system-engineering practices.
    • Identify the volatile and persistent system information.
    • Develop and manage an organizational digital forensic program.
    • Identify the best practices to acquire, store and process digital evidence.
    • Define key performance indicators and measure effectiveness on continuous basis.
    • Allocate financial resources to projects, processes and units within information security program.
    • Identify and report financial metrics to stakeholders.
    • Understand the IA security requirements to be included in statements of work and other appropriate procurement documents in this CCISO certification training program.

    PREREQUISITES

    • Basic knowledge of Networking
    • Core ethical hacking skills

    CURRICULUM

    Learning Objectives
    • 1. Define, Implement, Manage, and Maintain an Information Security Governance Program
    • 1.1. Form of Business Organization
    • 1.2. Industry
    • 1.3. Organizational Maturity
    • 2. Information Security Drivers
    • 3. Establishing an information security management structure
    • 3.1. Organizational Structure
    • 3.2. Where does the CISO fit within the organizational structure
    • 3.3. The Executive CISO
    • 3.4. Nonexecutive CISO
    • 4. Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures
    • 5. Managing an enterprise information security compliance program
    • 5.1. Security Policy
    • 5.1.1. Necessity of a Security Policy
    • 5.1.2. Security Policy Challenges
    • 5.2. Policy Content
    • 5.2.1. Types of Policies
    • 5.2.2. Policy Implementation
    • 5.3. Reporting Structure
    • 5.4. Standards and best practices
    • 5.5. Leadership and Ethics
    • 5.6. EC-Council Code of Ethics
    • 6. Introduction to Risk Management
    • 6.1. Organizational Structure
    • 6.2. Where does the CISO fit within the organizational structure
    • 6.3. The Executive CISO
    • 6.4. Nonexecutive CISO
    Learning Objectives
    • 1. Information Security Controls
    • 1.1. Identifying the Organization’s Information Security Needs
    • 1.1.1. Identifying the Optimum Information Security Framework
    • 1.1.2. Designing Security Controls
    • 1.1.3. Control Lifecycle Management
    • 1.1.4. Control Classification
    • 1.1.5. Control Selection and Implementation
    • 1.1.6. Control Catalog
    • 1.1.7. Control Maturity
    • 1.1.8. Monitoring Security Controls
    • 1.1.9. Remediating Control Deficiencies
    • 1.1.10. Maintaining Security Controls
    • 1.1.11. Reporting Controls
    • 1.1.12. Information Security Service Catalog
    • 2. Compliance Management
    • 2.1. Acts, Laws, and Statutes
    • 2.1.1. FISMA
    • 2.2. Regulations
    • 2.2.1. GDPR
    • 2.3. Standards
    • 2.3.1. ASD—Information Security Manual
    • 2.3.2. Basel III
    • 2.3.3. FFIEC
    • 2.3.4. ISO 00 Family of Standards
    • 2.3.5. NERC-CIP
    • 2.3.6. PCI DSS
    • 2.3.7. NIST Special Publications
    • 2.3.8. Statement on Standards for Attestation Engagements No. 16 (SSAE 16)
    • 3. Guidelines, Good and Best Practices
    • 3.1. CIS
    • 3.1.1. OWASP
    • 4. Audit Management
    • 4.1. Audit Expectations and Outcomes
    • 4.2. IS Audit Practices
    • 4.2.1. ISO/IEC Audit Guidance
    • 4.2.2. Internal versus External Audits
    • 4.2.3. Partnering with the Audit Organization
    • 4.2.4. Audit Process
    • 4.2.5. General Audit Standards
    • 4.2.6. Compliance-Based Audits
    • 4.2.7. Risk-Based Audits
    • 4.2.8. Managing and Protecting Audit Documentation
    • 4.2.9. Performing an Audit
    • 4.2.10. Evaluating Audit Results and Report
    • 4.2.11. Remediating Audit Findings
    • 4.2.12. Leverage GRC Software to Support Audits
    • 5. Summary
    Learning Objectives
    • 1. Program Management
    • 1.1. Defining a Security Charter, Objectives, Requirements, Stakeholders, and Strategies
    • 1.1.1. Security Program Charter
    • 1.1.2. Security Program Objectives
    • 1.1.3. Security Program Requirements
    • 1.1.4. Security Program Stakeholders
    • 1.1.5. Security Program Strategy Development
    • 1.2. Executing an Information Security Program
    • 1.3. Defining and Developing, Managing and Monitoring the Information Security Program
    • 1.3.1. Defining an Information Security Program Budget
    • 1.3.2. Developing an Information Security Program Budget
    • 1.3.3. Managing an Information Security Program Budget
    • 1.3.4. Monitoring an Information Security Program Budget
    • 1.4. Defining and Developing Information Security Program Staffing Requirements
    • 1.5. Managing the People of a Security Program
    • 1.5.1. Resolving Personnel and Teamwork Issues
    • 1.5.2. Managing Training and Certification of Security Team Members
    • 1.5.3. Clearly Defined Career Path
    • 1.5.4. Designing and Implementing a User Awareness Program
    • 1.6. Managing the Architecture and Roadmap of the Security Program
    • 1.6.1. Information Security Program Architecture
    • 1.6.2. Information Security Program Roadmap
    • 1.7. Program Management and Governance
    • 1.7.1. Understanding Project Management Practices
    • 1.7.2. Identifying and Managing Project Stakeholders
    • 1.7.3. Measuring the Effectives of Projects
    • 1.8. Business Continuity Management (BCM) and Disaster Recovery Planning (DRP)
    • 1.9. Data Backup and Recovery
    • 1.10. Backup Strategy
    • 1.11. ISO BCM Standards
    • 1.11.1. Business Continuity Management (BCM)
    • 1.11.2. Disaster Recovery Planning (DRP)
    • 1.12. Continuity of Security Operations
    • 1.12.1. Integrating the Confidentiality, Integrity and Availability (CIA) Model
    • 1.13. BCM Plan Testing
    • 1.14. DRP Testing
    • 1.15. Contingency Planning, Operations, and Testing Programs to Mitigate Risk and Meet Service Level Agreements (SLAs)
    • 1.16. Computer Incident Response
    • 1.16.1. Incident Response Tools
    • 1.16.2. Incident Response Management
    • 1.16.3. Incident Response Communications
    • 1.16.4. Post-Incident Analysis
    • 1.16.5. Testing Incident Response Procedures
    • 1.17. Digital Forensics
    • 1.17.1. Crisis Management
    • 1.17.2. Digital Forensics Life Cycle
    • 2. Operations Management
    • 2.1. Establishing and Operating a Security Operations (SecOps) Capability
    • 2.2. Security Monitoring and Security Information and Event Management (SIEM)
    • 2.3. Event Management
    • 2.4. Incident Response Model
    • 2.4.1. Developing Specific Incident Response Scenarios
    • 2.5. Threat Management
    • 2.6. Threat Intelligence
    • 2.6.1. Information Sharing and Analysis Centers (ISAC)
    • 2.7. Vulnerability Management
    • 2.7.1. Vulnerability Assessments
    • 2.7.2. Vulnerability Management in Practice
    • 2.7.3. Penetration Testing
    • 2.7.4. Security Testing Teams
    • 2.7.5. Remediation
    • 2.8. Threat Hunting
    • 3. Summary
    Learning Objectives
    • 1. Access Control
    • 1.1. Authentication, Authorization, and Auditing
    • 1.2. Authentication
    • 1.3. Authorization
    • 1.4. Auditing
    • 1.5. User Access Control Restrictions
    • 1.6. User Access Behavior Management
    • 1.7. Types of Access Control Models
    • 1.8. Designing an Access Control Plan
    • 1.9. Access Administration
    • 2. Physical Security
    • 2.1. Designing, Implementing, and Managing Physical Security Program
    • 2.1.1. Physical Risk Assessment
    • 2.2. Physical Location Considerations
    • 2.3. Obstacles and Prevention
    • 2.4. Secure Facility Design
    • 2.4.1. Security Operations Center
    • 2.4.2. Sensitive Compartmented Information Facility
    • 2.4.3. Digital Forensics Lab
    • 2.4.4. Datacenter
    • 2.5. Preparing for Physical Security Audits
    • 3. Network Security
    • 3.1. Network Security Assessments and Planning
    • 3.2. Network Security Architecture Challenges
    • 3.3. Network Security Design
    • 3.4. Network Standards, Protocols, and Controls
    • 3.4.1. Network Security Standards
    • 3.4.2. Protocols
    • 4. Certified Chief
    • 4.1.1. Network Security Controls
    • 4.2. Wireless (Wi-Fi) Security
    • 4.2.1. Wireless Risks
    • 4.2.2. Wireless Controls
    • 4.3. Voice over IP Security
    • 5. Endpoint Protection
    • 5.1. Endpoint Threats
    • 5.2. Endpoint Vulnerabilities
    • 5.3. End User Security Awareness
    • 5.4. Endpoint Device Hardening
    • 5.5. Endpoint Device Logging
    • 5.6. Mobile Device Security
    • 5.6.1. Mobile Device Risks
    • 5.6.2. Mobile Device Security Controls
    • 5.7. Internet of Things Security (IoT)
    • 5.7.1. Protecting IoT Devices
    • 6. Application Security
    • 6.1. Secure SDLC Model
    • 6.2. Separation of Development, Test, and Production Environments
    • 6.3. Application Security Testing Approaches
    • 6.4. DevSecOps
    • 6.5. Waterfall Methodology and Security
    • 6.6. Agile Methodology and Security
    • 6.7. Other Application Development Approaches
    • 6.8. Application Hardening
    • 6.9. Application Security Technologies
    • 6.10. Version Control and Patch Management
    • 6.11. Database Security
    • 6.12. Database Hardening
    • 6.13. Secure Coding Practices
    • 7. Encryption Technologies
    • 7.1. Encryption and Decryption
    • 7.2. Cryptosystems
    • 7.2.1. Blockchain
    • 7.2.2. Digital Signatures and Certificates
    • 7.2.3. PKI
    • 7.2.4. Key Management
    • 7.3. Hashing
    • 7.4. Encryption Algorithms
    • 7.5. Encryption Strategy Development
    • 7.5.1. Determining Critical Data Location and Type
    • 7.5.2. Deciding What to Encrypt
    • 7.5.3. Determining Encryption Requirements
    • 7.5.4. Selecting, Integrating, and Managing Encryption Technologies
    • 8. Virtualization Security
    • 8.1. Virtualization Overview
    • 8.2. Virtualization Risks
    • 8.3. Virtualization Security Concerns
    • 8.4. Virtualization Security Controls
    • 8.5. Virtualization Security Reference Model
    • 9. Cloud Computing Security
    • 9.1. Overview of Cloud Computing
    • 9.2. Security and Resiliency Cloud Services
    • 9.3. Cloud Security Concerns
    • 9.4. Cloud Security Controls
    • 9.5. Cloud Computing Protection Considerations
    • 10. Transformative Technologies
    • 10.1. Artificial Intelligence
    • 10.2. Augmented Reality
    • 10.3. Autonomous SOC
    • 10.4. Dynamic Deception
    • 10.5. Software-Defined Cybersecurity
    • 11. Summary
    Learning Objectives
    • 1. Strategic Planning
    • 1.1. Understanding the Organization
    • 1.1.1. Understanding the Business Structure
    • 1.1.2. Determining and Aligning Business and Information Security Goals
    • 1.1.3. Identifying Key Sponsors, Stakeholders, and Influencers
    • 1.1.4. Understanding Organizational Financials
    • 1.2. Creating an Information Security Strategic Plan
    • 1.2.1. Strategic Planning Basics
    • 1.2.2. Alignment to Organizational Strategy and Goals
    • 1.2.3. Defining Tactical Short, Medium, and Long-Term Information Security Goals
    • 1.2.4. Information Security Strategy Communication
    • 1.2.5. Creating a Culture of Security
    • 2. Designing, Developing, and Maintaining an Enterprise Information Security Program
    • 2.1. Ensuring a Sound Program Foundation
    • 2.2. Architectural Views
    • 2.3. Creating Measurements and Metrics
    • 2.4. Balanced Scorecard
    • 2.5. Continuous Monitoring and Reporting Outcomes
    • 2.6. Continuous Improvement
    • 2.7. Information Technology Infrastructure Library (ITIL) Continual Service Improvement (CSI)
    • 3. Understanding the Enterprise Architecture (EA)
    • 3.1. EA Types
    • 3.1.1. The Zachman Framework
    • 3.1.2. The Open Group Architecture Framework (TOGAF)
    • 3.1.3. Sherwood Applied Business Security Architecture (SABSA)
    • 3.1.4. Federal Enterprise Architecture Framework (FEAF)
    • 4. Finance
    • 4.1. Understanding Security Program Funding
    • 4.2. Analyzing, Forecasting, and Developing a Security Budget
    • 4.2.1. Resource Requirements
    • 4.2.2. Define Financial Metrics
    • 4.2.3. Technology Refresh
    • 4.2.4. New Project Funding
    • 4.2.5. Contingency Funding
    • 4.3. Managing the information Security Budget
    • 4.3.1. Obtain Financial Resources
    • 4.3.2. Allocate Financial Resources
    • 4.3.3. Monitor and Oversight of Information Security Budget
    • 4.3.4. Report Metrics to Sponsors and Stakeholders
    • 4.3.5. Balancing the Information Security Budget
    • 5. Procurement
    • 5.1. Procurement Program Terms and Concepts
    • 5.1.1. Statement of Objectives (SOO)
    • 5.1.2. Statement of Work (SOW)
    • 5.1.3. Total Cost of Ownership (TCO)
    • 5.1.4. Request for Information (RFI)
    • 5.1.5. Request for Proposal (RFP)
    • 5.1.6. Master Service Agreement (MSA)
    • 5.1.7. Service Level Agreement (SLA)
    • 5.1.8. Terms and Conditions (T&C)
    • 5.2. Understanding the Organization’s Procurement Program
    • 5.2.1. Internal Policies, Processes, and Requirements
    • 5.2.2. External or Regulatory Requirements
    • 5.2.3. Local Versus Global Requirements
    • 5.3. Procurement Risk Management
    • 5.3.1. Standard Contract Language
    • 6. Vendor Management
    • 6.1. Understanding the Organization’s Acquisition Policies and Procedures
    • 6.1.1. Procurement Life cycle
    • 6.2. Applying Cost-Benefit Analysis (CBA) During the Procurement Process5
    • 6.3. Vendor Management Policies
    • 6.4. Contract Administration Policies
    • 6.4.1. Service and Contract Delivery Metrics
    • 6.4.2. Contract Delivery Reporting
    • 6.4.3. Change Requests
    • 6.4.4. Contract Renewal
    • 6.4.5. Contract Closure
    • 6.5. Delivery Assurance
    • 6.5.1. Validation of Meeting Contractual Requirements
    • 6.5.2. Formal Delivery Audits
    • 6.5.3. Periodic Random Delivery Audits
    • 6.5.4. Third-Party Attestation Services (TPRM)
    • 7. Summary

    FAQs

    You can enroll for this classroom training online. Payments can be made using any of the following options and receipt of the same will be issued to the candidate automatically via email.
    1. Online ,By deposit the mildain bank account
    2. Pay by cash team training center location

    Highly qualified and certified instructors with 20+ years of experience deliver more than 200+ classroom training.

    Contact us using the form on the right of any page on the mildaintrainings website, or select the Live Chat link. Our customer service representatives will be able to give you more details.

    You will never miss a lecture at Mildaintrainigs! You can choose either of the two options: View the recorded session of the class available in your LMS. You can attend the missed session, in any other live batch.

    We have a limited number of participants in a live session to maintain the Quality Standards. So, unfortunately, participation in a live class without enrollment is not possible. However, you can go through the sample class recording and it would give you a clear insight about how are the classes conducted, quality of instructors and the level of interaction in a class.

    Yes, the access to the course material will be available for lifetime once you have enrolled into the course.

    Just give us a CALL at +91 8447121833 OR email at [email protected]

    CERTIFICATE OF ACHIEVEMENT

    Training features

  • Instructor-led Sessions
    Online Live Instructor-Led Classes.
    Classroom Classes at our/your premises.
    Corporate Training
  • Real-life Case Studies
    Live project based on any of the selected use cases, involving implementation of the various Course concepts.
  • Assignments
    Each class will be followed by practical assignments.
  • Lifetime Access
    You get lifetime access to presentations, quizzes, installation guide & class recordings.
  • 24 x 7 Expert Support
    We have 24x7 online support team to resolve all your technical queries, through ticket based tracking system, for the lifetime.
  • Certification
    Sucessfully complete your final course project and Mildaintrainings will give you Course completion certificate.
  • More Courses

    Modes of Training

  • Most
    Preffered

    Online Classroom


    Instructor Led Trainings
    Live Online Classroom

    View Schedules
  • One to One


    Instructor Led Training
    Live Online Classroom

    Request a Session
  • Team/Corporate


    Train your Team
    and Up-skill them

    Request a Quote
  • Demo Videos

    Our Corporate Clients

    Inquiry: Call | Whats App: +91-8447121833 | Email: [email protected]

    ENROLL NOW