New cloud security certification from (ISC)2 and CSA

Today, at the RSA Conference 2015, (ISC)2 and the CSA announced the new Certified Cloud Security Professional (CCSP) certification. The CCSP represents the advanced skills required to secure the cloud, while establishing an international standard for professional-level knowledge in the design, implementation and management of cloud environments.

The CCSP complements and builds upon existing certifications and education programs, including (ISC)2’s Certified Information Systems Security Professional (CISSP) and CSA’s Certificate of Cloud Security Knowledge (CCSKTM).

CSA’s CCSK provides an indicator of baseline cloud security knowledge appropriate for almost any IT position. The CCSP credential builds upon many of the areas covered by CCSK in order to provide deeper knowledge derived from hands-on information security and cloud computing experience. It validates practical know-how skills applicable to those professionals whose day-to-day responsibilities involve cloud security architecture, design, operations and service orchestration.

The CCSP credential is intended for professionals who are heavily involved in cloud security via roles that are accountable for protecting enterprise architectures.

To attain CCSP, applicants must have a minimum of five years of experience in IT, of which three must be in information security and one year in cloud computing. All candidates must be able to demonstrate capabilities in each of the six CBK domains:

  • Architectural Concepts & Design Requirements
  • Cloud Data Security
  • Cloud Platform and Infrastructure Security
  • Cloud Application Security
  • Operations
  • Legal and Compliance.

The CCSP exam will be available at PearsonVUE testing centers worldwide beginning July 21, 2015. Training seminars begin June 8, 2015 in the United States.

“Many enterprises have told us that cloud computing is becoming their primary IT system,” says Jim Reavis, CEO, Cloud Security Alliance. “An effective cloud security strategy and architecture adds several nuances to traditional security best practices; which is why it’s critical to accelerate efforts to address the cloud security skills gap. CCSP helps to set the highest standard for cloud security expertise. The program we have developed with (ISC)2 creates strong incentives for information security professionals to obtain both the CCSK and CCSP, which will create a workforce of experts who possess a mastery of the broadest cloud security body of knowledge.”