On June 20, 2021, Alyssa Miller sent a Tweet announcing that she had found an EC-Council blog that had plagiarized content from one of hers. Three months after she had published "What is a Business Information Security Officer (BISO)?", EC-Council followed with their own titled "Business Information Security Officer (BISO) - All You Need To Know". After Miller's Tweet, EC-Council removed their blog but the evidence was preserved on Archive.org.
Given EC-Council's history of plagiarism, we will not do an exhaustive analysis. Instead, we'll show the first paragraph of each blog so you can see how similar they are. First, Miller's intro:
A Business Information Security Officer (BISO) is a senior security leader assigned to lead the security strategy of a division or business unit. They provide a bridge from the centralized security function to the business. The BISO functions like a deputy CISO reporting into the business line.
In their typical fashion, EC-Council changes enough words so it isn't a word-for-word match, but it is very clear the content was stolen:
A Business Information Security Officer (BISO) is a senior security leader assigned to lead a group or business unit’s security policy. He/she offers a bridge between centralized security functions and business operations. The Business Information Security Officer works as a CISO’s deputy in the organizational hierarchy, specializing in business-related information management problems, such as how to incorporate customer-centric technologies safely to protect customer information.
EC-Council's blog was not signed by an author this time around, so they cannot blame a contractor this time.
6/23 Update: EC-Council has published a response to this plagiarism incident.
