Monday, 18 February 2019

ECIH v2 released by EC-Council (Certified Incident Handler)

ECIH v2 Update Certified Incident Handler title image
EC-Council’s Certified Incident Handler (ECIH) is one of the most globally respected incident handling certifications. It covers how to prepare for, manage and recover from a wide range of incident threats to an organisation.

On the 15th of February EC-Council released ECIH Version 2 (v2). As a top EC-Council partner, Firebrand had the chance to preview the new certification.

Here’s a quick look at the changes introduced in the ECIH v2:

  • Completely new and updated content and curriculum 
  • Compliant with NICE 2.0 and CREST Framework 
  • New & Advanced Labs 
  • Comprehensive resources and templates 

New and updated content

To create the new ECIH certification, Sean Lim, COO of the EC-Council group said they have “completely torn apart ECIH v1, and rebuilt it from the ground up.”

The updated certification includes an entirely new curriculum with a greater focus on first response and forensic readiness – a move which reflects the current deficit and needs within the wider industry.

The certification now includes complete structured IH&R processes for malware, email, network, web application and cloud security incidents and insider threat-related incidents.

EC-Council have created the new version of ECIH with careful Job Task Analysis for Incident Handling and Incident First Responder roles, making it a comprehensive training certification for these professions. 

Framework compliance

EC-Council’s updated ECIH certification is now 100% compliant with CREST Frameworks. CREST is an international not-for-profit organisation that sets industry benchmarks in the technical information security market.

ECIH v2 maps 100% to the 'CREST Certified Incident Manager (CCIM)', which emphasises the requirements of incident handlers in real-world situations.

The UK Government requires that every company providing Cyber Incident Response services have at least one CREST Certified manager on their team.

EC-Council’s new version of the ECIH is also 100% compliant with NICE Cybersecurity Workforce Framework. This is the USA’s national cyber security framework, which ensures that a trusted structure and language is maintained throughout the cyber security profession.

This new certification maps under the category “Protect and Defend (PR)” and the specialty “Incident Response (CIR)”. Focusing on maximising the survival of life, preservation of property and information security, this is an essential part of preserving a whole organisation’s safety.

By meeting these two requirements, professionals who now achieve the ECIH v2 certification will  prove their skills at a global level. 

New advanced labs

ECIH v1 lacked labs, but EC-Council have completely revised ECIH v2 to be a hands-on course.

The course now boasts 50 online labs and 800 tools, including 4 OS. The theory to practice ratio is 60:40, with the labs simulating real world incident handling and response tools, techniques, methodologies and frameworks across different operating platforms. 

Structured resources

EC-Council’s ECIH v2 courseware now includes over 100 incident handling templates, checklists and cheat sheets.

Professionals that train or certify on the ECIH v2 will be able to take these into their incident handling and first response roles. This even includes comprehensive templates for incident handler reports. 

What are the ECIH v2 prerequisites?

This certification is designed for cyber security professionals with a minimum of 2 years’ experience; and individuals tasked with preventing and remediating cyber threats.

ECIH v2 is ideal for any professional either currently working or looking to work in incident handling and first response, penetration testers and network administrators. It’s also a good way for a business to up-skill staff to create an incident response plan. 

How can you get certified?

It is possible to self-study for ECIH, but with a full 9 module curriculum with over 700 slides and 800 tools to cover, it takes a lot of time. If you’re looking to get certified fast, train with Firebrand.

You’ll be training with the best: Firebrand have won Accredited Training Centre of the year 9 years in a row. Benefit from official instructors, labs and courseware in Firebrand’s distraction free environment.

Interested in getting ECIH V2 certified? Get certified in twice the speed with Firebrand’s accelerated, all-inclusive ECIH course.