Cloud security remains a big concern for solution providers and vendors alike, which is one of the reasons why two leading industry organizations have collaborated to offer a new certification that will ensure VARs have the training and experience they need to properly secure their customers’ clouds.
The (ISC)² and the Cloud Security Alliance (CSA) are now offering the Certified Cloud Security Professional (CCSP) certification, which will require solution providers to have advanced skills required for cloud security. They also aim to establish an international standard for professional-level knowledge in the design, implementation and management of cloud environments, according to a Cloud Security Alliance press release.
The organizations unveiled the CCSP at the recent RSA conference. (ISC)² is a nonprofit comprised of more than 100,000 certified information and software security professionals worldwide, while the CSA is an industry organization aimed at defining and raising awareness of best practices for secure cloud computing.
The CCSP builds upon the CSA’s CCSK certification, which provides an indicator of baseline cloud security knowledge for personnel in nearly any IT position, according to the CSA.
But to secure the cloud will require new and specialized skills, according to the organizations. This thinking is in line with 73 percent of nearly 14,000 respondents to the 2015 (ISC)² Global Information Security Workforce Study, who also believe that cloud security will demand a higher level of knowledge from security professionals.
That’s where the CCSP comes in, providing deeper knowledge from hands-on security and cloud-computing experience, as well as validating practical skills for professionals who are responsible for cloud security architecture, design, operations and service orchestration on a daily basis, according to the CSA.
“It’s essential to have qualified IT professionals who understand how cloud services need to be securely implemented and managed within their organizations,” said David Shearer, executive director of the (ISC)², in the press release.
The (ISC)² study also identified cloud computing as the top area of information security with growing demand for education and training within the next three years. This is likely due to the fact that enterprises are beginning to depend more and more on cloud computing for their primary IT system, said Jim Reavis, CEO of the CSA, in the release.
“An effective cloud security strategy and architecture adds several nuances to traditional security best practices, which is why it’s critical to accelerate efforts to address the cloud security skills gap,” he said. “CCSP helps to set the highest standard for cloud security expertise.”
To attain CCSP, applicants must have a minimum of five years of experience in IT, three of which must be in information security and one in cloud computing, according to the CSA.
Further, candidates also must demonstrate capabilities in each of the six domains of the (ISC)²’s CBK, a compilation of information and software security topics. Those domains are: Architectural Concepts & Design Requirements, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Operations, and Legal and Compliance.
Solution providers can take the CCSP exam at PearsonVUE testing centers worldwide beginning July 21. Training seminars begin June 8 in the United States. More information, the exam outline, and registration for the exam or training can be done on the certification website.