EC-Council unveils new AI risk & CISO training suite

EC-Council has launched a new set of artificial intelligence certifications and an updated executive cyber leadership programme, as organisations move AI from pilots into day-to-day operations while skills and governance frameworks lag behind.

It has introduced the Enterprise AI Credential Suite, which includes four role-based qualifications, and released Certified CISO v4, a revised version of its senior cyber leadership course. EC-Council described the combined launch as its largest single portfolio expansion in 25 years.

The move comes as boards and regulators scrutinise the operational and security risks associated with machine learning and generative AI systems. Many organisations have expanded AI use across customer support, software development, fraud detection and decision support, increasing dependence on models and data pipelines that security teams are not always trained to assess.

EC-Council said the launch aligns with US government workforce efforts on applied AI education and skills pathways, citing Executive Order 14179, the July 2025 AI Action Plan workforce development pillar, and Executive Orders 14277 and 14278.

Rising risk

As adoption grows, enterprises face increasing concern about failures, misuse and hostile manipulation of AI systems. EC-Council cited IDC analysis putting unmanaged AI risk exposure at $5.5 trillion globally. It also pointed to a Bain & Company forecast of a 700,000-person reskilling gap in AI and cybersecurity roles in the United States.

International bodies have also highlighted skills as a constraint on AI-led productivity. The International Monetary Fund and the World Economic Forum have both argued that workforce readiness, rather than access to technology, often limits the economic gains of AI adoption.

AI-linked security incidents have become a common theme in corporate risk reporting. EC-Council said 87% of organisations report AI-driven attacks and that generative AI traffic has surged by 890%, expanding the number of channels through which attackers can probe systems and staff.

Skills shortages remain unevenly distributed. EC-Council said 67% of AI talent sits in 15 US cities and that women make up 28% of the AI workforce, pointing to wider participation and access challenges as demand grows.

Jay Bavisi, Group President and Founder at EC-Council, said the speed of adoption has changed the challenge facing security, technology and governance teams.

"AI is moving from experimentation to infrastructure, and the workforce has to move with it," Bavisi said. "These programs are built to give professionals practical capability across adoption, security, and governance, so organizations can scale AI with confidence and clear accountability."

Role-based tracks

The Enterprise AI Credential Suite is designed to reflect how organisations structure AI delivery and oversight. The entry point is Artificial Intelligence Essentials, positioned as a baseline certification focused on practical AI fluency and responsible use across roles.

The suite uses EC-Council's Adopt. Defend. Govern. framework. "Adopt" covers readiness and safeguards for deployment. "Defend" focuses on threats against AI systems, including prompt injection, data poisoning, model exploitation and AI supply-chain compromise. "Govern" centres on accountability, oversight and risk management.

Beyond the baseline, EC-Council has introduced three additional AI certifications. Certified AI Program Manager targets professionals who manage delivery and accountability for AI projects. Certified Responsible AI Governance & Ethics Professional focuses on operational governance aligned with frameworks such as NIST AI RMF and ISO/IEC 42001. Certified Offensive AI Security Professional covers testing and defending AI systems against attack techniques.

EC-Council has also updated its senior cyber leadership programme. Certified CISO v4 focuses on executive decision-making and governance in environments where intelligent systems influence business operations and security outcomes.

"Security leaders are now accountable for systems that learn, adapt, and influence outcomes at speed," Bavisi added.

"Certified CISO v4 prepares leaders to manage AI-driven risk with clarity, strengthen governance, and make informed decisions when responsibility is on the line."

EC-Council said the new portfolio builds on its long-standing work with government and defence organisations, referencing existing recognition of its certifications as part of the US Department of Defence 8140 baseline.

The launch enters a crowded market for AI and cybersecurity training, where universities, cloud providers, consultancies and specialist certification bodies compete to define job-ready skills. Demand has expanded beyond data science teams, with procurement, legal, risk and audit functions increasingly drawn into AI governance discussions. This has driven interest in role-based training that treats AI as part of enterprise systems rather than a standalone research discipline.

EC-Council is best known for its Certified Ethical Hacker qualification. It said it has certified more than 350,000 professionals worldwide and offers more than 200 certifications and degrees across cybersecurity fields, including forensics, security analysis and threat intelligence.

EC-Council expects organisations to place greater emphasis on formal AI governance and security skills as AI systems become embedded in operational workflows and accountability for AI-related outcomes shifts upwards to senior leaders.