ScorpionShield: views & thoughts out of a CCISO class

We were happy to welcome ScorpionShield (Lisbon) as our new ATC and C|CISO partner a few months ago. After a successful first CEH class, they have just delivered their very first CCISO – Certified Chief Information Security Officer course recently. One which, according to the trainer José Sequeira Martins, seems to have been a great success: “People are overwhelmed, they loved it”.

On this occasion, we were able to interview the participants of the class who shared with us their experiences, feelings, and advices. Here are the answers from 5 participants, which reflect most the group’s feedback.

How did you get involved with cybersecurity as a career?

Ricardo R.: I’ve learned to plan my professional career within a minimum of two years. I have always worked in IT, as a law graduate, and recently I realized that cyber security is not only a trend, but the new “theatre of war”.

My professional goal is to try keeping this awareness alive in my organization: being prepared, whenever possible, for the “D” day, the day and the moment of the attack. It is this challenge that has mainly motivated me.

Nuno A.: In my 20 years of career, I have always been interested in security issues in the business context. The paradigm changed when I realize that the theme is not limited to the business arena but is more complex and may even include and cause the undermine sovereignty of nations.

What has helped you get to the position you are in today?

Ricardo R.: It will only be a matter of time before any organization, no matter what business and services they provide, realizes that it must be prepared to respond appropriately and effectively to cybersecurity threats.

Following the answer to the previous question, I have become aware that cyber security is not only a trend (…) and therefore, find that, unfortunately, few organizations are aware of the dangers of cybercrime to which they are subject. Having realized that this is a very challenging professional opportunity and one that fully realizes me.

Nuno A.: I dedicated and invested in understanding the domains that make up cyber intelligence from the operational component, through the tactics ending up in the strategy that allowed me to have a set of comprehensive knowledge that gave me the ability to understand the holistic picture of business and the risk that assets represents to organizations.

What was it about the C|CISO program that interested you initially?

Ricardo R.: Consolidation of some knowledge that has already been learned in this area. To learn the appropriate methods and processes. The five areas of training and certification C|CISO of EC-COUNCIL offer a set of knowledge essential for performance and career development. This being what I was looking for, I can see that I was not wrong, I am very satisfied, and I feel ready.

Nuno A.: The C|CISO Program covers the 5 areas that I think are fundamental to understand in order to be able to make a correct approach at the level of the decision makers of the organizations. The program is clear, consistent and straightforward.

João N.: In an early stage I wanted only to take the CCISO course to learn more and consolidate my knowledge. Then I realized that doing the certification could be a huge benefit for my career and for the enterprise where I work.

How was your experience with your ATC and the instructor during the course?

Ricardo R.: It was a very positive experience, it exceeded my expectations, no doubt I recommend Scorpionshield ACT and instructor José Sequeira Martins to all those who wish to achieve CCISO EC-COUNCIL certification, for their professionalism, commitment and concern with individual success of each trainee.

Nuno A.: The Program’s success is largely based on the instructor’s leadership skills and how motivating he manages to be for his class. I think that the fact that we had a great instructor was fundamental to the success achieved by the whole class, congratulations to him too.

Sandra T.: It was great, allowing for success. The instructor was always available and ready for the challenge, showed deep knowledge about the topics covered.

How was your experience with the EC-Council courseware and training material?

Ricardo R.: I already knew EC-COUNCIL as a reputable certifying entity, with maximum demand level. The C|CISO training program is, once again, an example of this. Being very well organized, updated, focusing throughout the 5 domains, the core subject that has to be part of the responsibilities of a CISO in the daily performance of its functions.

João N.: EC-Council materials are a very good source of information, the way the topics are organized is very good. Of course, the instructor makes a huge difference. Our class was very lucky of having José Sequeira Martins from ScorpionShield as he has a huge experience and could always use real world examples to help us understand any topic with a simplified approach.

What tool or topic from the training would you use on a day-to-day basis?

Ricardo R.: Of all the important topics, the most important one for me focused with great emphasis throughout this training and certification is the development of a proper identification and treatment of Risk properly aligned with all stakeholders, especially with the business. The success of a CISO in an organization undoubtedly depends on being able to implement a correct Risk Management process, well aligned with the business and for being able to position itself correctly in the structure of the organization.

What’s your advice for people interested in getting into cybersecurity as a career?

Ricardo R.: Some time ago, when I was preparing a security awareness program, I found this quote, from an anonymous author, which precisely conveys the message I want to share with all the people interested in getting into cybersecurity: “Beware the silent man. For while others speak, he sees. While others act, he plans. And while they finally rest… he attacks!”

Nuno A.: My advice is to have ethics and values and dedicate yourself to deepen knowledge every day. I think we have a key role to play in global cyberspace, it feels like a game but it’s all very real.

Carlos S.: Cybersecurity is a very broad word, there are a lot of domains and disciplines that you need to address, specialization will be the key in the forwarding years. So, my advice is start by picking a domain that is of your interest but keep an eye on all the other, find your passion and commit to it, this will help any professional to achieve high levels of skills and success.

“Beware the silent man. For while others speak, he sees. While others act, he plans. And while they finally rest… he attacks!”

To conclude, in Mr. Ricardo R.’s words: “Interpret this sentence and try to carry it into your day-to-day work. If this phrase pierces your curiosity and is challenging, do not hesitate and embrace this challenge.”

If you too would like to participate in the EC-Council experience, please contact us.