Mastering Incident Response with ECIH Certification: An Interview with Jay P Anthony
In today’s digital landscape, where security breaches are inevitable, having a robust incident response plan is essential for security teams worldwide. This growing need has led to a surge in demand for skilled incident response handlers and analysts, encouraging both IT and non-IT professionals to pursue specialized training and certifications to build the expertise required to manage real-world cybersecurity incidents. This article explores Jay Anthony’s motivation for pursuing the EC-Council Certified Incident Handler (ECIH) certification and how it has significantly impacted his own and his team’s capabilities in managing real-world cybersecurity incidents. From malware containment to structured response strategies, the ECIH training enhanced Jay’s technical proficiency, reinforced standardized incident handling protocols, and bridged knowledge gaps with practical insights and hands-on experience.
What motivated you to pursue the EC-Council Certified Incident Handler (ECIH) Certification?
I was motivated to pursue the ECIH certification due to the increasing number of security breaches we’re witnessing globally. We work with clients across the country and internationally, so we wanted to be fully prepared to respond effectively in the event of a breach.
How has the ECIH course influenced your professional development in incident handling and cybersecurity?
The course significantly influenced how we prepare our clients for incidents and respond to them. It offered both the technical knowledge and a comprehensive framework necessary for effective incident response. This has helped us ensure our clients are better protected and that we’re well-equipped to support them during a cybersecurity event.
What aspects of the ECIH program did you find most valuable, and how have they contributed to your professional development?
The most valuable aspects for me were the modules on incident identification and mitigation, particularly in the context of malware and different data-breach scenarios.
Can you share a specific scenario where knowledge from the ECIH course helped manage a cybersecurity incident?
Yes. One particular incident involved a malware outbreak at a client site, which was detected through an EDR (Endpoint Detection and Response) solution. Multiple endpoints were compromised.
Have you completed any other cybersecurity courses or certifications? If yes, how does the ECIH certification differ in terms of skills gained, career advancement opportunities, and overall value?
Yes, both I and several members of my team hold various certifications. Most of us are Certified Information Security Auditors from ISACA. I also hold the Certified Cloud Security Professional (CCSP) and Certified Information Systems Security Professional (CISSP) credentials from (ISC)², as well as the Certified Information Security Manager (CISM) certification from ISACA.
In comparison, the ECIH certification fits well alongside these credentials. Each certification focuses on different areas of cybersecurity, but ECIH is uniquely focused on incident response. What stood out was its technical depth—comparable only to the CISSP in terms of complexity. This technical rigor was extremely valuable and differentiated the course from other certifications.
How does ECIH training align with the evolving threat landscape and the need for effective incident response?
The training is extremely relevant in today’s cybersecurity environment. Breaches are now occurring at an unprecedented rate, and attackers are becoming more aggressive and sophisticated. Their tools and scripts have improved significantly. Given this reality, it’s no longer a matter of if an organization will face an incident, but when. The ECIH training equips professionals with the necessary skills to respond swiftly and effectively in such scenarios.
Can you describe any specific challenges or gaps in your incident handling knowledge that the ECIH course helped you overcome?
Before taking the course, I was familiar with incident response frameworks like the one provided by NIST, so I had a good grasp of the overall methodology. However,
Tell us about your journey as a cybersecurity professional.
My journey as a cybersecurity professional has spanned over 30 years. I began my career in 1991 as a financial auditor with Ernst & Young. Around 20 years ago, I transitioned into IT audits and have since held various Director of Audit roles, primarily with IT-centric companies that provide services to global corporations and handle large volumes of sensitive data.
This transition required me to gain in-depth knowledge of how IT and information security audits operate. Over the years, I’ve developed expertise in numerous compliance frameworks including SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST, and even FedRAMP. Understanding the intricacies of these frameworks and their control requirements has been crucial to my development as a cybersecurity professional. This foundational knowledge has enabled me to deliver value-added security consulting services both internally and to clients.
Would you recommend the EC-Council Certified Incident Handler (ECIH) course and certification to others interested in incident handling and cybersecurity?
Yes, I would absolutely recommend the ECIH certification to anyone pursuing a career in cybersecurity, particularly those involved in incident response. Being able to effectively guide your organization or clients during a cybersecurity incident is invaluable in today’s threat landscape.
Moreover, it offered guidance on managing various stakeholders—clients, internal teams, and affected end users—during a breach.
In summary, the ECIH certification is a vital resource for any cybersecurity professional. I strongly encourage anyone with an interest in incident response to pursue this training. It’s not a question of if you’ll need these skills—it’s a matter of when.