SlideShare a Scribd company logo

2015 ERII-CCISM

J.D. LeaSure, CCISM, President. ComSec LLc
J.D. LeaSure, CCISM, President. ComSec LLc

The document discusses plans to develop a new Certified Counterespionage Information Security Manager (CCISM) certification. The certification was originally created by Glenn Whidden to focus on counterespionage and technical surveillance countermeasures, but does not address modern cyber issues. The new CCISM certification will incorporate counterespionage, TSCM, information security, and cyber TSCM skill sets. It will be a management-level certification administered through an online learning platform. The certification is aimed at setting standards for TSCM professionals and bringing awareness to the relevance of cyber TSCM.

1 of 18
Download to read offline
Presenter: J.D. LeaSure Director, ERII CCISM CERTIFICATION
TABLE OF CONTENTS 1.  What Does CCISM Stand For? 2.  History of CCISM Certification •  Mr. Whidden’s Expertise •  The Original CCISM Certification 3.  The New CCISM Certification •  Skill Sets •  Overview of the Curriculum •  Structure of the CCISM Certification •  Format of the CCISM Certification Program •  Benefits of LMS System •  Accreditation/Certification of the CCISM Program •  Timeline •  Aims/Benefits •  What’s Next
WHAT DOES CCISM STAND FOR? CCISM: Certified Counterespionage Information Security Manager Certification
HISTORY OF THE CCISM CERTIFICATION Glenn H. Whidden (1928 – 2011) The CCISM certification was developed by Glenn H. Whidden. It was implemented by Mr. Whidden and Dr. Norman R. Bottom through The Institute for Countermeasures Studies (ICS), a subsidiary of Technical Services Agency, Inc.
HISTORY OF THE CCISM CERTIFICATION (Continued) •  Twenty-eight-year CIA veteran, retired 1974. •  Operated in 72 countries worldwide. •  Field experience in most types of espionage activity, including mail intercepts, surreptitious entry, electronic eavesdropping and Technical Surveillance Counter Measures (TSCM). •  Author of The Ear: Volume I, II, III Mr. Whidden’s Expertise:
HISTORY OF THE CCISM CERTIFICATION (Continued) •  Former President of Technical Services Agency Inc., a private firm that designed and marketed electronic equipment for eavesdropping detection. •  Holder of five U.S. patents. More On Mr. Whidden’s Expertise: •  Founder & Sole Proprietor of The Institute for Countermeasures Studies (ICS).
HISTORY OF THE CCISM CERTIFICATION (Continued) More On Mr. Whidden’s Expertise: •  Part-time instructor at the World Institute of Security Enhancement, Greensboro, N.C. •  Author of: •  A Guidebook for the Beginning Sweeper; •  The Russian Eavesdropping Threat -- Late 1993; •  The Attack on Axnan Headquarters; •  Five other books on the subject of counter eavesdropping. 
HISTORY OF THE CCISM CERTIFICATION (Continued) •  Prepared individuals to study potential sources of threats, defeat attacks and manage information security at an organizational level. •  Focused on counterespionage and TSCM. •  Did not address modern day cyber issues that are within the realm of cyber TSCM. The Original CCISM Certification:
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification The NEW CCISM Certification Program Will Incorporate The Following Skill Sets: •  Counterespionage •  Technical Surveillance Countermeasures (TSCM) •  Information Security/Cyber TSCM A Management Level Certification IT Focus on Cyber TSCM / Gaps Left By Cyber Security Not a Replacement for IT Cyber Security Certification
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Overview of CCISM Certification Curriculum: The Certification Program Will: •  Include counter espionage, electrical engineering and TSCM principles from The Ear, Vols. 1, 2 & 3. •  Identify the gaps between cyber TSCM and cyber security disciplines. •  Incorporate methods for exploiting networks and cyber security defenses within the realm of cyber TSCM. •  Provide counter measures detection methodologies for Cyber TSCM and network exploitations.
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Structure of the CCISM Certification Program: Five (5) Separate Modules: 1.  Electrical Engineering Principles 2.  TSCM 3.  Counterespionage 4.  Network Principles 5.  Cyber TSCM Each module must be completed within a designated period of time. Each module must be completed before the next module is begun.
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Format of the New CCISM Certification Program: •  Program will utilize a Learning Management System (LMS) platform for the majority of the course work. LMS: A software application for the administration, documentation, tracking, reporting and delivery of electronic educational technology (also called e-learning) education courses or training programs. •  Prerequisite of apprenticeship in TSCM/Cyber TSCM field for at least 2 years. •  Hands-on testing at 2017 ERII Annual Conference to receive CCISM certification.
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Benefits of LMS System: •  The LMS is online so it allows students worldwide to complete course materials 24/7, 365 days a year at their convenience. •  Reduces costs/time for maintenance of the program. (e.g. No grading of test papers manually.) •  Provides a more consistent presentation of course materials. (e.g. No variation from instructor to instructor). •  Randomized questions and includes time controls to prevent cheating.
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Accreditation / Certification of the CCISM Program: Program will be certified by The Espionage Research Institute International (ERII) in the US. Why Not Seek Private Accreditation? •  TSCM/Cyber TSCM is a specialized field. •  The Ear coursework was developed by Glenn Whidden, the foremost TSCM expert. •  No organization has more expertise in the TSCM/Cyber TSCM field than ERII.
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Timeline: Winter, 2015: •  Select LMS and begin adding The Ear modules. •  Simultaneously work with network and Cyber TSCM experts to develop curriculum. Summer, 2016: •  Complete adding The Ear modules, and begin offering Vols. 1, 2 & 3 to students via the LMS. •  Begin developing the hands-on portion of the CCISM certification program.
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Timeline (continued): Winter, 2016: •  Begin offering the network module in the LMS. Spring/Summer, 2017: •  Begin offering the cyber TSCM module in the LMS. Fall, 2017: •  Offer the hands-on exam at the 2017 ERII Counterespionage Conference. Winter, 2017: •  Award ERII’s first CCISM certifications
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Aims: •  Set a standard for minimum course work/knowledge of TSCM/Cyber TSCM professionals. •  Include both TSCM/Cyber TSCM to create a modernized approach to electronic eavesdropping detection. Benefits: •  Clearly distinguish Cyber TSCM from cyber security. •  Bring awareness to the relevance of Cyber TSCM and gaps in cybersecurity programs.
THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification What’s Next: •  We will be contacting individuals for networking and Cyber TSCM module input and development. ERII will be forming a CCISM advisory board. If you would like to be considered for this advisory board or If you know someone who would be of significant value in the development of the curriculum for these modules, please send their name, expertise and contact details to J.D. LeaSure or Lisa LeaSure. Thank you!

Recommended

Importance & Value of Cyber TSCM To Corporations
Importance & Value of Cyber TSCM To CorporationsImportance & Value of Cyber TSCM To Corporations
Importance & Value of Cyber TSCM To Corporations
J.D. LeaSure, CCISM, President. ComSec LLc
 
TSCM : Bug-Sweeping
TSCM : Bug-SweepingTSCM : Bug-Sweeping
TSCM : Bug-SweepingPaul Andrews
 
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
PRESENTATION▶ Cyber Security Services (CSS): Security SimulationPRESENTATION▶ Cyber Security Services (CSS): Security Simulation
PRESENTATION▶ Cyber Security Services (CSS): Security SimulationSymantec
 
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
Shah Sheikh
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updated
InfosecTrain
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectionSymantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
infoLock Technologies
 
Corporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinCorporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinSteve Phelps
 
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
Cristian Garcia G.
 

Recommended

Importance & Value of Cyber TSCM To Corporations
Importance & Value of Cyber TSCM To CorporationsImportance & Value of Cyber TSCM To Corporations
Importance & Value of Cyber TSCM To Corporations
J.D. LeaSure, CCISM, President. ComSec LLc
 
TSCM : Bug-Sweeping
TSCM : Bug-SweepingTSCM : Bug-Sweeping
TSCM : Bug-SweepingPaul Andrews
 
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
PRESENTATION▶ Cyber Security Services (CSS): Security SimulationPRESENTATION▶ Cyber Security Services (CSS): Security Simulation
PRESENTATION▶ Cyber Security Services (CSS): Security SimulationSymantec
 
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
National Oil Company Conference 2014 - Evolving Cyber Security - A Wake Up Ca...
Shah Sheikh
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updated
InfosecTrain
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectionSymantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
infoLock Technologies
 
Corporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinCorporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinSteve Phelps
 
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
Cristian Garcia G.
 
For Critical Infrastructure Protection
For Critical Infrastructure ProtectionFor Critical Infrastructure Protection
For Critical Infrastructure Protection
Priyanka Aash
 
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
NetEnrich, Inc.
 
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...Nicolas Beyer
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Shah Sheikh
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
Happiest Minds Technologies
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash
 
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA Cyber Security
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
Casey Lucas
 
Building CSIRT and its competency
Building CSIRT and its competencyBuilding CSIRT and its competency
Building CSIRT and its competencyDidik Partono Rudiarto
 
Adam Bulava GCC 2019
Adam Bulava GCC 2019Adam Bulava GCC 2019
Adam Bulava GCC 2019
ImekDesign
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services Portfolio
Shah Sheikh
 
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
Cristian Garcia G.
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
Aparajita Banerjee
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
Digital Bond
 
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyWhat We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
Priyanka Aash
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Cristian Garcia G.
 
Cybersecurity Hands-On Training
Cybersecurity Hands-On TrainingCybersecurity Hands-On Training
Cybersecurity Hands-On Training
Tonex
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
Shah Sheikh
 
Marlabs cyber threat management
Marlabs cyber threat managementMarlabs cyber threat management
Marlabs cyber threat management
Rajendra Menon
 
Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loop
David Sweigert
 
Webinar: Critical Steps For NIST Compliance
Webinar: Critical Steps For NIST ComplianceWebinar: Critical Steps For NIST Compliance
Webinar: Critical Steps For NIST Compliance
Withum
 
CISSP with Net Security Training
CISSP with Net Security Training CISSP with Net Security Training
CISSP with Net Security Training
Drew Kahrs
 

More Related Content

What's hot

For Critical Infrastructure Protection
For Critical Infrastructure ProtectionFor Critical Infrastructure Protection
For Critical Infrastructure Protection
Priyanka Aash
 
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
NetEnrich, Inc.
 
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...Nicolas Beyer
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Shah Sheikh
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
Happiest Minds Technologies
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash
 
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA Cyber Security
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
Casey Lucas
 
Adam Bulava GCC 2019
Adam Bulava GCC 2019Adam Bulava GCC 2019
Adam Bulava GCC 2019
ImekDesign
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services Portfolio
Shah Sheikh
 
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
Cristian Garcia G.
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
Aparajita Banerjee
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
Digital Bond
 
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyWhat We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
Priyanka Aash
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Cristian Garcia G.
 
Cybersecurity Hands-On Training
Cybersecurity Hands-On TrainingCybersecurity Hands-On Training
Cybersecurity Hands-On Training
Tonex
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
Shah Sheikh
 
Marlabs cyber threat management
Marlabs cyber threat managementMarlabs cyber threat management
Marlabs cyber threat management
Rajendra Menon
 
Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loop
David Sweigert
 

What's hot (20)

For Critical Infrastructure Protection
For Critical Infrastructure ProtectionFor Critical Infrastructure Protection
For Critical Infrastructure Protection
 
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?
 
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
 
Building CSIRT and its competency
Building CSIRT and its competencyBuilding CSIRT and its competency
Building CSIRT and its competency
 
Adam Bulava GCC 2019
Adam Bulava GCC 2019Adam Bulava GCC 2019
Adam Bulava GCC 2019
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services Portfolio
 
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
 
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyWhat We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
Cybersecurity Hands-On Training
Cybersecurity Hands-On TrainingCybersecurity Hands-On Training
Cybersecurity Hands-On Training
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
 
Marlabs cyber threat management
Marlabs cyber threat managementMarlabs cyber threat management
Marlabs cyber threat management
 
Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loop
 

Similar to 2015 ERII-CCISM

Webinar: Critical Steps For NIST Compliance
Webinar: Critical Steps For NIST ComplianceWebinar: Critical Steps For NIST Compliance
Webinar: Critical Steps For NIST Compliance
Withum
 
CISSP with Net Security Training
CISSP with Net Security Training CISSP with Net Security Training
CISSP with Net Security Training
Drew Kahrs
 
mille2.pptx
mille2.pptxmille2.pptx
mille2.pptx
yehyaibrahem2
 
Incident Handler Certification
Incident Handler CertificationIncident Handler Certification
Incident Handler Certification
SagarNegi10
 
CISSO Certification | CISSO Training | CISSO
CISSO Certification | CISSO Training | CISSOCISSO Certification | CISSO Training | CISSO
CISSO Certification | CISSO Training | CISSO
SagarNegi10
 
UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptxUMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
Abid Ur Rehman
 
CISSO Certification| CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSOCISSO Certification| CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSO
SagarNegi10
 
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and CertificationTonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Bryan Len
 
SSCP Certification Training in Dallas & Arlington, TX
SSCP Certification Training in Dallas & Arlington, TXSSCP Certification Training in Dallas & Arlington, TX
SSCP Certification Training in Dallas & Arlington, TX
CCI Training Center
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
PECB
 
Erau cybersecurity and security degrees
Erau cybersecurity and security degreesErau cybersecurity and security degrees
Erau cybersecurity and security degrees
ERAUWebinars
 
An introduction to the CISSP certification for self study groups
An introduction to the CISSP certification for self study groupsAn introduction to the CISSP certification for self study groups
An introduction to the CISSP certification for self study groupsTomas Ericsson
 
CRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
CRISC – Certified in Risk & Information Systems Control| Virtual and ClassroomCRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
CRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
Bharathi Grover
 
The Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security CertificationsThe Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security Certifications
Mercury Solutions Limited
 
List of cybersecurity training courses by Tonex
List of cybersecurity training courses by TonexList of cybersecurity training courses by Tonex
List of cybersecurity training courses by Tonex
Wesley Comal
 
Criterios Minimos de Seguridad CTPAT 2019 conference
Criterios Minimos de Seguridad CTPAT 2019 conferenceCriterios Minimos de Seguridad CTPAT 2019 conference
Criterios Minimos de Seguridad CTPAT 2019 conference
Joe Garza
 
CodersTrust - Defend and Protect the Free World
CodersTrust - Defend and Protect the Free WorldCodersTrust - Defend and Protect the Free World
CodersTrust - Defend and Protect the Free World
Ferdinand Kjærulff
 
Certified SOC Analyst
Certified SOC AnalystCertified SOC Analyst
Certified SOC Analyst
SagarNegi10
 
What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?
IT Governance Ltd
 

Similar to 2015 ERII-CCISM (20)

Webinar: Critical Steps For NIST Compliance
Webinar: Critical Steps For NIST ComplianceWebinar: Critical Steps For NIST Compliance
Webinar: Critical Steps For NIST Compliance
 
CISSP with Net Security Training
CISSP with Net Security Training CISSP with Net Security Training
CISSP with Net Security Training
 
mille2.pptx
mille2.pptxmille2.pptx
mille2.pptx
 
Incident Handler Certification
Incident Handler CertificationIncident Handler Certification
Incident Handler Certification
 
CISSO Certification | CISSO Training | CISSO
CISSO Certification | CISSO Training | CISSOCISSO Certification | CISSO Training | CISSO
CISSO Certification | CISSO Training | CISSO
 
UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptxUMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
 
CISSO Certification| CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSOCISSO Certification| CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSO
 
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and CertificationTonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
Tonex Cybersecurity Fundamentals, Cybersecurity Training and Certification
 
SSCP Certification Training in Dallas & Arlington, TX
SSCP Certification Training in Dallas & Arlington, TXSSCP Certification Training in Dallas & Arlington, TX
SSCP Certification Training in Dallas & Arlington, TX
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
 
Erau cybersecurity and security degrees
Erau cybersecurity and security degreesErau cybersecurity and security degrees
Erau cybersecurity and security degrees
 
An introduction to the CISSP certification for self study groups
An introduction to the CISSP certification for self study groupsAn introduction to the CISSP certification for self study groups
An introduction to the CISSP certification for self study groups
 
CISSP-WEB
CISSP-WEBCISSP-WEB
CISSP-WEB
 
CRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
CRISC – Certified in Risk & Information Systems Control| Virtual and ClassroomCRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
CRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
 
The Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security CertificationsThe Ultimate Guide To Cyber Security Certifications
The Ultimate Guide To Cyber Security Certifications
 
List of cybersecurity training courses by Tonex
List of cybersecurity training courses by TonexList of cybersecurity training courses by Tonex
List of cybersecurity training courses by Tonex
 
Criterios Minimos de Seguridad CTPAT 2019 conference
Criterios Minimos de Seguridad CTPAT 2019 conferenceCriterios Minimos de Seguridad CTPAT 2019 conference
Criterios Minimos de Seguridad CTPAT 2019 conference
 
CodersTrust - Defend and Protect the Free World
CodersTrust - Defend and Protect the Free WorldCodersTrust - Defend and Protect the Free World
CodersTrust - Defend and Protect the Free World
 
Certified SOC Analyst
Certified SOC AnalystCertified SOC Analyst
Certified SOC Analyst
 
What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?What is the UK Cyber Essentials scheme?
What is the UK Cyber Essentials scheme?
 

2015 ERII-CCISM

  • 1. Presenter: J.D. LeaSure Director, ERII CCISM CERTIFICATION
  • 2. TABLE OF CONTENTS 1.  What Does CCISM Stand For? 2.  History of CCISM Certification •  Mr. Whidden’s Expertise •  The Original CCISM Certification 3.  The New CCISM Certification •  Skill Sets •  Overview of the Curriculum •  Structure of the CCISM Certification •  Format of the CCISM Certification Program •  Benefits of LMS System •  Accreditation/Certification of the CCISM Program •  Timeline •  Aims/Benefits •  What’s Next
  • 3. WHAT DOES CCISM STAND FOR? CCISM: Certified Counterespionage Information Security Manager Certification
  • 4. HISTORY OF THE CCISM CERTIFICATION Glenn H. Whidden (1928 – 2011) The CCISM certification was developed by Glenn H. Whidden. It was implemented by Mr. Whidden and Dr. Norman R. Bottom through The Institute for Countermeasures Studies (ICS), a subsidiary of Technical Services Agency, Inc.
  • 5. HISTORY OF THE CCISM CERTIFICATION (Continued) •  Twenty-eight-year CIA veteran, retired 1974. •  Operated in 72 countries worldwide. •  Field experience in most types of espionage activity, including mail intercepts, surreptitious entry, electronic eavesdropping and Technical Surveillance Counter Measures (TSCM). •  Author of The Ear: Volume I, II, III Mr. Whidden’s Expertise:
  • 6. HISTORY OF THE CCISM CERTIFICATION (Continued) •  Former President of Technical Services Agency Inc., a private firm that designed and marketed electronic equipment for eavesdropping detection. •  Holder of five U.S. patents. More On Mr. Whidden’s Expertise: •  Founder & Sole Proprietor of The Institute for Countermeasures Studies (ICS).
  • 7. HISTORY OF THE CCISM CERTIFICATION (Continued) More On Mr. Whidden’s Expertise: •  Part-time instructor at the World Institute of Security Enhancement, Greensboro, N.C. •  Author of: •  A Guidebook for the Beginning Sweeper; •  The Russian Eavesdropping Threat -- Late 1993; •  The Attack on Axnan Headquarters; •  Five other books on the subject of counter eavesdropping. 
  • 8. HISTORY OF THE CCISM CERTIFICATION (Continued) •  Prepared individuals to study potential sources of threats, defeat attacks and manage information security at an organizational level. •  Focused on counterespionage and TSCM. •  Did not address modern day cyber issues that are within the realm of cyber TSCM. The Original CCISM Certification:
  • 9. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification The NEW CCISM Certification Program Will Incorporate The Following Skill Sets: •  Counterespionage •  Technical Surveillance Countermeasures (TSCM) •  Information Security/Cyber TSCM A Management Level Certification IT Focus on Cyber TSCM / Gaps Left By Cyber Security Not a Replacement for IT Cyber Security Certification
  • 10. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Overview of CCISM Certification Curriculum: The Certification Program Will: •  Include counter espionage, electrical engineering and TSCM principles from The Ear, Vols. 1, 2 & 3. •  Identify the gaps between cyber TSCM and cyber security disciplines. •  Incorporate methods for exploiting networks and cyber security defenses within the realm of cyber TSCM. •  Provide counter measures detection methodologies for Cyber TSCM and network exploitations.
  • 11. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Structure of the CCISM Certification Program: Five (5) Separate Modules: 1.  Electrical Engineering Principles 2.  TSCM 3.  Counterespionage 4.  Network Principles 5.  Cyber TSCM Each module must be completed within a designated period of time. Each module must be completed before the next module is begun.
  • 12. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Format of the New CCISM Certification Program: •  Program will utilize a Learning Management System (LMS) platform for the majority of the course work. LMS: A software application for the administration, documentation, tracking, reporting and delivery of electronic educational technology (also called e-learning) education courses or training programs. •  Prerequisite of apprenticeship in TSCM/Cyber TSCM field for at least 2 years. •  Hands-on testing at 2017 ERII Annual Conference to receive CCISM certification.
  • 13. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Benefits of LMS System: •  The LMS is online so it allows students worldwide to complete course materials 24/7, 365 days a year at their convenience. •  Reduces costs/time for maintenance of the program. (e.g. No grading of test papers manually.) •  Provides a more consistent presentation of course materials. (e.g. No variation from instructor to instructor). •  Randomized questions and includes time controls to prevent cheating.
  • 14. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Accreditation / Certification of the CCISM Program: Program will be certified by The Espionage Research Institute International (ERII) in the US. Why Not Seek Private Accreditation? •  TSCM/Cyber TSCM is a specialized field. •  The Ear coursework was developed by Glenn Whidden, the foremost TSCM expert. •  No organization has more expertise in the TSCM/Cyber TSCM field than ERII.
  • 15. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Timeline: Winter, 2015: •  Select LMS and begin adding The Ear modules. •  Simultaneously work with network and Cyber TSCM experts to develop curriculum. Summer, 2016: •  Complete adding The Ear modules, and begin offering Vols. 1, 2 & 3 to students via the LMS. •  Begin developing the hands-on portion of the CCISM certification program.
  • 16. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Timeline (continued): Winter, 2016: •  Begin offering the network module in the LMS. Spring/Summer, 2017: •  Begin offering the cyber TSCM module in the LMS. Fall, 2017: •  Offer the hands-on exam at the 2017 ERII Counterespionage Conference. Winter, 2017: •  Award ERII’s first CCISM certifications
  • 17. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification Aims: •  Set a standard for minimum course work/knowledge of TSCM/Cyber TSCM professionals. •  Include both TSCM/Cyber TSCM to create a modernized approach to electronic eavesdropping detection. Benefits: •  Clearly distinguish Cyber TSCM from cyber security. •  Bring awareness to the relevance of Cyber TSCM and gaps in cybersecurity programs.
  • 18. THE NEW CCISM CERTIFICATION Certified Counterespionage Information Security Manager Certification What’s Next: •  We will be contacting individuals for networking and Cyber TSCM module input and development. ERII will be forming a CCISM advisory board. If you would like to be considered for this advisory board or If you know someone who would be of significant value in the development of the curriculum for these modules, please send their name, expertise and contact details to J.D. LeaSure or Lisa LeaSure. Thank you!