ECE Points for CEH

look at what i found on the eccouncil page:

EC-Council is introducing continuing education points which will serve to ensure that all EC-Council certified professionals maintain and further their knowledge. Professionals will need to meet the requirements of the ECE to avoid revocation of certification.

EC-Council Continuing Education (ECE) points will be earned by professionals through various means. Please see list of activities below for more information.

EC-Council will begin its ECE points system effective 1 January 2008. EC-Council certified professionals who earn ECE points from now till 31 December 2007 will be able to register these points in 2008.

ECE Requirements
Professionals will need to meet minimum requirements to maintain their certification.

1. For CEH, CHFI, CNDA, ECSA, LPT and ECSP: Professionals will need to earn 120 ECE points over a period of three (3) years with a minimum of 20 ECE points earned each year.

2. For ENSA: Professionals will need to earn 60 ECE points over a period of three (3) years with a minimum of 20 ECE points earned each year.

3. Professionals will need to pay a maintenance fee of USD50 per annum.

4. Professionals must comply with EC-Council’s Code of Ethics.

Annual Reporting
ECE points are earned on a 1 January – 31 December calendar year. Certified professionals must register their ECE points earned by 20 January of the following year to maintain their certification status.

Newly certified professionals will not need to register their ECE points for the year they attain certification. The certification period for newly certified professionals begins on 1 January of the following year. These professionals will not need to register their ECE points in the year of certification. However, points earned during the year of certification may be registered in the first reporting period.

Certified professionals must register their ECE points earned via the ECE
Credits System located in the EC-Council member portal. This system will
available from 1 January 2008.

Payment
EC-Council Certified Professionals need to pay an annual maintenance fee of USD 50.

All payments can be made online or via a check payment.

Online payments can be made on EC-Council’s online orders page at http://www.eccouncil.org/orders.htm

All check payments should be made payable to International Council Of E-Commerce Consultants and sent to EC-Council’s headquarters in Albuquerque, New Mexico, USA

All payments must be received by 20 January

Revocation & Appeal
EC-Council certified professionals who fail to meet certification requirements will have their certification revoked and will not be allowed to continue usage of the certification. Individuals whose certification has been revoked will need to take and pass the certification exam again to achieve certification.

Certified professionals whose certification has been revoked due to non-compliance of certification requirements may send in an appeal in writing to EC-Council. This appeal letter must be received by EC-Council within forty-five (45) days of the revocation notice, providing details of the appeal and reason(s) for non-compliance.

ECE Qualifying Activities
EC-Council certified professionals through various means such as:

Method Points
Passing the updated version of the exam of which the professional is certified
120 points (Full credit)
Attending EC-Council’s Security Summit Seminar 10 points
Attending EC-Council’s Hacker Halted Conference 30 points
Attending EC-Council endorsed conferences and events 5 points
Attending EC-Council Security Webinars 5 points
Presentation of a research paper at EC-Council’s Security Summit Seminar 20 points
Presentation of a research paper at EC-Council’s Hacker Halted Conference 40 points
Presentation of a research paper at EC-Council’s Security Summit at EC-Council endorsed conferences and events 20 points
Presentation of a research paper at EC-Council’s Security Summit at EC-Council Security Webinar 15 points
Publication of articles and journals for the benefit of EC-Council members 25 points

http://www.eccouncil.org/ece.htm

Looks like the council wants to make dollars.

Find more posts tagged with

Comments

sprkymrk

Is this a completely new requirement, or just a revamp/update?

Sie

Always interesting to read that you have to do this to keep certificate but that also convinently includes having to pay them each year....

JDMurray

Sie wrote:

Always interesting to read that you have to do this to keep certificate but that also convinently includes having to pay them each year....

The assumption is that you need the certification for your professional work, and that your business or employer will be paying for annual membership and renewal fees. The target customers of professional certification bodies are business organizations and not individuals.

sprkymrk

JDMurray wrote:

Sie wrote:

Always interesting to read that you have to do this to keep certificate but that also convinently includes having to pay them each year....

The assumption is that you need the certification for your professional work, and that your business or employer will be paying for annual membership and renewal fees. The target customers of professional certification bodies are business organizations and not individuals.

Let Microsoft start charging yearly fees to maintain MCP/MCSA/MCSE certifications, or have them try to make people write white papers or attend MS conferences and/or webcasts to maintain certification status and I bet you'd hear a HUGE outcry. I'm not sure why organizations like EC-Council are somehow deemed more "professional" and therefore allowed to get away with this. Looks to me like organizations such as EC-Council, SANS and ISC2 are becoming very elitest in their attitudes.

Personally I think it's a bad assumption.

JDMurray

sprkymrk wrote:

Looks to me like organizations such as EC-Council, SANS and ISC2 are becoming very elitest in their attitudes.

Many professional organizations, such as the IEEE, ACM, SEI, CompTIA, etc. charge a yearly membership fee, subscription fees, certification fees, etc. This is a standard way for such organizations to earn revenue. Microsoft's certification program was created solely to promote the use of Microsoft technologies and, IMHO, it is little more than a clever bit of marketing for Microsoft product.

sprkymrk

JDMurray wrote:

sprkymrk wrote:

Looks to me like organizations such as EC-Council, SANS and ISC2 are becoming very elitest in their attitudes.

Many professional organizations, such as the IEEE, ACM, SEI, CompTIA, etc. charge a yearly membership fee, subscription fees, certification fees, etc. This is a standard way for such organizations to earn revenue. Microsoft's certification program was created solely to promote the use of Microsoft technologies and, IMHO, it is little more than a clever bit of marketing for Microsoft product.

Well, I can't disagree with you there, but on a side note, you don't have to pay CompTIA a yearly fee to maintain your certification. It's to access additional member benefits.

JDMurray

sprkymrk wrote:

but on a side note, you don't have to pay CompTIA a yearly fee to maintain your certification. It's to access additional member benefits.

Yes, this is common as well. For example, the IEEE and ACM have many services that can be purchased without becoming a paying member too.

keatron

Other vendor specific certifications are structured this way already, just in a different way. MCSE NT means you were certified as a Microsoft Certified Systems Engineer on NT4, doesn't prove you have even a basic understanding of 2003 infrastructure. So as with every major release, there's a new certification track (MCSE 2003 etc...).

Cisco certifications expire, whether you get continuing ed or not.

I don't see why it's such a big deal for security specific certification bodies to step up and ask that certification holders grab some continuing ed units and hopefully stay abreast as to what's currently going on. Anyone in the security field has no choice but to do this anyway if they want to stay competitive and do a half way decent job in the industry. Security is something you have to constantly research and enhance your skills anyway, because of constant new exploits, worms, patches, kits, and penetration methodologies being developed by the bad guys. Now using the analogy above about MCSE; If your company still uses only NT4 or even mostly NT4, then fine, that certification is still valid for what you do day to day. But regardless of what OS or vendor specific network you're responsible for protecting, getting a CEH 4 years ago and not staying active in research and self development, will seriously hender your ability do effectively provide any reasonable level of security. 3 years ago all the hoopla was specifically about Microsoft OS holes and security short comings, but a lot of the new hype is around third party entry points into the kernel. This is just one of the many crucial focus shifts in security over the last few years. But I think I made my point, which is this; Ask yourself. Do you really want someone securing your network or hosts if they haven't had any type of education or skill upgrades in 3 years? I think not. We all say we want to maintain the integrity of the certifications we have worked so hard to gain. We all say we hate that fakers out there can so easily mimic us by wearing a certification badge that they cheated through tests to gain. We alll say we want to make this better. So when measures are put into place to enable these very things we ask for, why are we complaining?

keatron

sprkymrk wrote:

JDMurray wrote:

Sie wrote:

Always interesting to read that you have to do this to keep certificate but that also convinently includes having to pay them each year....

The assumption is that you need the certification for your professional work, and that your business or employer will be paying for annual membership and renewal fees. The target customers of professional certification bodies are business organizations and not individuals.

Let Microsoft start charging yearly fees to maintain MCP/MCSA/MCSE certifications, or have them try to make people write white papers or attend MS conferences and/or webcasts to maintain certification status and I bet you'd hear a HUGE outcry. I'm not sure why organizations like EC-Council are somehow deemed more "professional" and therefore allowed to get away with this. Looks to me like organizations such as EC-Council, SANS and ISC2 are becoming very elitest in their attitudes.

Personally I think it's a bad assumption.

Microsoft was worth well over 10 billion dollars when they introduced certifications, and are worth many billions more right now. EC Council and ISC2 are pretty much JUST certification vendors, so they don't have the bottomless budgets like Microsoft does. Also, I think it's a little unfair to expect non-vendor specific certification bodies to operate exactly like vendor specific ones. I'm an MCT and pay $400 per year to maintain that. I also have to train a certain number of people on Microsoft products. I am an EC Council Certified Instructor and an ISC2 Authorized Instructor. You know how much I have to pay in yearly fees to these guys? Nothing. Concerning EC Council, the only requirement is to maintain is that I take the latest certification exams within 6 months of their release (and I don't have to pay for it either).
I still think it's a good move. 180 CPE's to maintain the CISSP is tough I admit, but it's definitely forced me to be on my toes and heavily involved in the industry at times where I might otherwise "take breaks". It's good to hear this feed back from people I respect so highly like Mark and others, but I still have to say I agree with these moves, and I don't think the intentions are to be elitest.

Keatron.

Sie

I agree it is important to keep abreast of knowledge and technology and ensure things are kept up to date, and i totally agree to the 'having to earn credits to continue to hold certification' as this shows your are up to date and know what you have on paper.

I guess my point was just why it costs extra to do this, I suppose you could see it as a administartion charge for them holding a record on you and keeping tabs on what 'credits' you have earned.....

Either way it wasnt a derogorative comment based to belittle the certifications that do this as I have great respect fo people that get them or any certications for that matter.

Slowhand

Whether I agree with how various companies do business or not, I think is beyond the point here, as far as membership fees and recertification requirements are concerned. What it comes down to is that it really is up to each vendor to administer their own certification any way they want. If we want to become certified by that vendor, we jump through their hoops. The same goes for if we want to stay certified. It's their choice to charge the fees and write the requirements, it's our choice to pay the fees and meet the requirements. If we want it and the benefits that come with it, we do it; if we don't want it and we can't live with the requirements, we don't do it.

And, on a side note: Hey, keatron. . . is it just my imagination, or is there an Enigma lurking in your avatar?

sprkymrk

I think you may have misunderstood my main point. But it was my fault because I missed a key bullet in the listing.

Passing the updated version of the exam of which the professional is certified
120 points (Full credit)

So I have to retract my earlier statement. I only saw the bullet points below this one. I have no problem with a new test every three years. That is basically the way MS, Cisco and others operate. Anyway, if you take out that first option, maybe you can see where I was (mistakenly) coming from in my post.

Geez, I can't believe I only saw that after typing three long paragraphs defending my position, and when I went back to quote that list is when I saw it.

Thanks everyone!

keatron

Sie wrote:

I agree it is important to keep abreast of knowledge and technology and ensure things are kept up to date, and i totally agree to the 'having to earn credits to continue to hold certification' as this shows your are up to date and know what you have on paper.

I guess my point was just why it costs extra to do this, I suppose you could see it as a administartion charge for them holding a record on you and keeping tabs on what 'credits' you have earned.....

Either way it wasnt a derogorative comment based to belittle the certifications that do this as I have great respect fo people that get them or any certications for that matter.

Because it costs "extra" to maintain the records and have people on staff to do nothing but administer that program.

keatron

Slowhand wrote:

And, on a side note: Hey, keatron. . . is it just my imagination, or is there an Enigma lurking in your avatar?

Yes it is my friend. Good observation.