Two information security non-profits have teamed up to offer a new cloud security certification for IT and IT security practitioners. Starting in July, (ISC)² will offer exams for the Certified Cloud Security Professional (CCSP) credential, which it has developed with the Cloud Security Alliance (CSA).
Both organizations said the new certiifcate will go beyond the information from other programs they offer – including (ISC)²’s Certified Information Systems Security Professional (CISSP) and CSA’s Certificate of Cloud Security Knowledge (CCSK). According to a joint statement, the CCSP was developed “to meet a critical market need to ensure that cloud security professionals have the required knowledge, skills and abilities to audit, assess and secure cloud infrastructures.”
The CCSP will build upon the baseline cloud security knowledge provided in the CCSK program and is intended for IT and IT security professionals whose roles are specifically intended to protect enterprise-level IT architecture that includes cloud-based infrastructure.
The issue of IT professionals needing better training in cloud security issues is especially relevant given recent data showing the majority of enterprise IT is firmly being transitioned to cloud-based infrastructure. Despite this trend, IT decision makers continue to cite security concerns when moving to the cloud.
“It’s essential to have qualified IT professionals who understand how cloud services need to be securely implemented and managed within their organizations,” said David Shearer, executive director of (ISC)², in a press statement. “We are pleased to collaborate with the distinguished Cloud Security Alliance to build this unique credential that combines the collective experience and research of both organizations and establishes a new benchmark for advanced cloud security knowledge and competence.”
Applicants looking to earn their CCSP must have a minimum of five years’ experience in IT that also includes three years of information security and one year of cloud computing. The exam will evaluate candidates in six core areas: architectural concepts and design requirements; cloud data security; cloud platform and infrastructure security; cloud application security; operations; and legal and compliance issues.
CCSP training seminars will start June 8, 2015, in the US. Certification exams will begin on July 21, 2015, and will be available at PearsonVue testing centers worldwide.
“Many enterprises have told us that cloud computing is becoming their primary IT system,” commented Jim Reavis, CEO of the Cloud Security Alliance.
“An effective cloud security strategy and architecture adds several nuances to traditional security best practices, which is why it’s critical to accelerate efforts to address the cloud security skills gap,” he concluded.