Philip Blake | EC-Council | IP Expo 2018
Philip Blake from EC-Council joined us at IP Expo 2018 to talk about EC-Council’s new Blockchain training and certification. Hosted by David Terrar and Steve Denby.
Philip: Sure, so I run a company called EC-Council. Globally we are one of the largest cybersecurity training and certification bodies and I run their European operations.
Steve: Very good. So have you had a good look around today?
Philip: I’ve had a look around, yeah, very impressive. Lots of exciting stands, lots of exciting talks going on. So I’m looking forward to spending the next couple of days here.
David: So anything, in particular, you’re looking for?
Philip: Well, I am in sales, so I would I be forgiven if I said some of that but not just to get our message out there. We also have another stand around blockchain as well. So we are someone who developed a new blockchain certification so to upskill for every 14 jobs that are advertised for Blockchain professionals there’s only one available. So it’s, we operating on are looking to upskill those in the cybersecurity front.
Steve: Just say that statistic again for every 14 jobs there’s only one candidate. That’s great. Well, you heard that here first. And you’re providing training?
Philip: So we are providing training and certification for blockchain professionals yes. So anyone who is on the blockchain side, anyone who is a developer who has skills in c-sharp or C++ any of this base programming knowledge can look into taking courses.
Steve: So you’re talking about coders. Using their experience with this blockchain type skill set?
Philip: Currently, the earnings of contractors are charging us and 500, 550 pounds an hour something around that range for simple blockchain development, as you guys are probably aware it’s the buzzword out there at the moment. We’re more on the cyber circle currently, more well-known for the cybersecurity side of things and we had cases such as our certified ethical hacker. If you guys are familiar with that, it is working one amongst others. Then we could go through the whole penetration testing instant handling forensic investigation which with GDPR people are starting to worry about the loss of their data and seeing Facebook hit by it in Google hit it’s just a matter of time before any more SMEs and larger companies are dealing with breaches.
David: Tell us a bit more about the kind of customers that you are working with?
Philip: Sure, so it could be individuals who are looking to get into cyber security maybe they are a networking engineer or and IT manager who sees themselves and transitioning into security. So I’ll have conversations with those individuals to try and push them into cyber security. But then also looking at the larger companies the Telcos, consultancies, banks, etc who ultimately, are having some issues trying to try to find talent, trying to retain talent and internally trying to upskill talent. So we’re trying to work with large companies and for medium companies to help them combat those issues that they’re facing.
Steve: So it must be a lower cost too, home growing those that are experts in it I’m guessing.
Philip: Well, that’s our mantra. So, if you diffusible work with us we can, instead of going to a large consultancy, do something as simple as a phishing exercise, you can do that with a very simple version of Linux. They can roll out a phishing exercise for the consultants, charging in the range of 50 thousand forever for an entry-level phishing of a medium-sized company. Now if people have an individual in-house, internally a network engineer and IT manager who is able to do that for you. You’re paying a fraction of the cost just to be able to upskill them to be able to do that and through whether it’s instructor lead training, e-learning there are all formats that we can offer those individuals.
Steve: What’ your fastest-selling training today?
Philip: Our fastest selling training to date, so we’re well known for CH that is our flagship products. But our fastest-growing is the CC course currently. So everyone thinks oh it’s just another information security course. No, it’s actually a leadership course. So we developed it for the US Navy and ultimately the situation we found ourselves in across the globe is we’ve had IT security managers, who may not necessarily have the correct skills to deal with board level conversations, have been thrust into boardroom conversations and been told right you’re now head of IT security and you’re now CSO and they don’t understand that need to have those conversations around return on investment. So the financial aspect of things it’s part of the courses, actually, there’s a half-day war game that we run. So it’s a ‘you’ve been hacked scenario’ and the trainer will throw in some areas and ever developing scenarios for that individual to handle so it’s quite exciting. So CC course is our fastest growing.
Steve: Sounds like a lot of fun.
David: It is very necessary.
Philip: We were running it for the US Navy, we ran it for the Australian government’s so a number of our are partners across the UK, Europe and around the globe. We have around 145 customers, well over a 145 depending on which location we can get to or not.
David: So if the training site is growing are there any kind of new areas outside of that which you’re looking at as well?
Philip: So I suppose I’ve already touched on the blockchain side of things. So in a wider scope of digital transformation. So we have project management as a renewed digital project management course and as well, the blockchain course is something that we’re really pushing and really seeing demand for.
David: So what’s the aim here? what kind of individuals? Are you aiming at the developer techies?
Philip: Actually, we have three levels of that course. So the developer techies, obviously, they have the strategy and implementation that’s a lot our training needs that you have someone to develop. But actually, we have sort of one and two-day courses. So a full stack developer goes for a 5-day technical course, whereas those maybe middle managers were looking along the implementation side then there’s a two-day course. So it’s a lot less technical and then for those sort of board level senior managing directors who need to have an oversight of essentially what blockchain is. They will need a one-day course where it’s almost a blockchain awareness course, how it can benefit them and they can utilize it.
David: So how often do you run that course?
Philip: We only recently launched that course about a month ago now.
David: The reason I’m asking, by the way, is I’m in the process of doing some research for a well-known vendor and I’ve seen there isn’t much out there for those who are senior management trying to understand this topic and trying to figure out what snake oil and what’s real.
Philip: The general idea is so that the developers, those that are implementing it and the sort of the top-end strategy all aligned, each course will sort of marry up with the next level so to speak. So we’re in conversations with large organisations who are obviously looking to implement the blockchain across to leverage the technology. We’re in conversations with them to essentially start from top-down or bottom-up, whichever way they want to do it we can cater for it.
Steve: Very good, So certainly a fast-moving topic.
Philip: Yeah, it is. And I am sure will have numerous iterations of the course and people constantly developing it. Bringing new things out. But yes, there’s lots of questions around it.
David: You said you’ve got stuff specifically around the blockchain topic and it’s just great. How about some of the other fast-changing ones like automation, AI that kind of thing?
Philip: They’re in the pipeline. So our business transformation Division IIB. It’s obviously the blockchain that you know, we’re looking at all the buzzwords and all the guys at BrightTalk and any conversation which is going on at the moment. You mentioned blockchain, you mentioned Artificial intelligence, you mentioned machine learning. So there is a pipeline of products that are coming. AI and machine learning are on the coming through list. Also on the cybersecurity side it’s how AI, machine learnings lends themselves to the cybersecurity as well. So there’s a lot of things coming through from what we’re developing.
David: Who do you see as your competitors?
Philip: So I’m going to be very diplomatic. So I don’t see, in terms of competition, especially on the cybersecurity side of things. I think everything is complimentary and cybersecurity is a global issue, billions if not trillions of dollars are going missing every year that needs to be accounted for. Now, we do have what you would call competitors but a lot of them are complementary. We may have to take a different angle on things and can everyone be certified enough. I don’t think they can but I’d be lying if I didn’t think that they were not producing what I call the front-running site globally or world-leading products and we do have. Especially when we work now in the cybersecurity side and the practical element of things. So, we are remotely proctoring professionals so it’s not just a multiple choice test anymore. It is you have to showcase the practical skills and we have new products in the pipeline for HR. Then that’ll be enough. We actually have products coming out which will proactively be able to test the individuals who are applying for these jobs. So that actually is the most responsible thing to do for the industry because if someone has a certification which they may have counterfeit or how they acquired it doesn’t matter, with our certifications everything’s protected. So we try to stack that out and make sure that they have done the necessary course and work to be able to say that. But if on the other side of things if you want to make sure that you’re hiring the right people who are able to do the job that they’re employing for, so that’s what’s coming through.