(ISC)2 and the Cloud Security Alliance (CSA) today announced the new Certified Cloud Security Professional (CCSP) certification. The CCSP represents the advanced skills required to secure the cloud, while establishing an international standard for professional-level knowledge in the design, implementation and management of cloud environments.
(ISC)² and CSA developed the CCSP to meet a critical market need to ensure that cloud security professionals have the required knowledge, skills and abilities to audit, assess and secure cloud infrastructures. It complements and builds upon existing certifications and education programs, including (ISC)²’s Certified Information Systems Security Professional (CISSP®) and CSA’s Certificate of Cloud Security Knowledge (CCSKTM).
CSA’s CCSK provides an excellent indicator of baseline cloud security knowledge appropriate for almost any IT position. The CCSP credential builds upon many of the areas covered by CCSK in order to provide deeper knowledge derived from hands-on information security and cloud computing experience. It validates practical know-how skills applicable to those professionals whose day-to-day responsibilities involve cloud security architecture, design, operations and service orchestration. The CCSP credential is intended for professionals who are heavily involved in cloud security via roles that are accountable for protecting enterprise architectures.
“It’s essential to have qualified IT professionals who understand how cloud services need to be securely implemented and managed within their organizations,” says David Shearer, CISSP, PMP, executive director, (ISC)². “We are pleased to collaborate with the distinguished Cloud Security Alliance to build this unique credential that combines the collective experience and research of both organizations and establishes a new benchmark for advanced cloud security knowledge and competence.”
According to the 2015 (ISC)² Global Information Security Workforce Study, 73 percent of nearly 14,000 respondents believe that cloud computing will require information security professionals to develop new skills. Cloud computing was also identified as the top area of information security with growing demand for education and training within the next three years.
“Many enterprises have told us that cloud computing is becoming their primary IT system,” says Jim Reavis, CEO, Cloud Security Alliance. “An effective cloud security strategy and architecture adds several nuances to traditional security best practices; which is why it’s critical to accelerate efforts to address the cloud security skills gap. CCSP helps to set the highest standard for cloud security expertise. The program we have developed with (ISC)2 creates strong incentives for information security professionals to obtain both the CCSK and CCSP, which will create a workforce of experts who possess a mastery of the broadest cloud security body of knowledge.”
To attain CCSP, applicants must have a minimum of five years of experience in IT, of which three must be in information security and one year in cloud computing. All candidates must be able to demonstrate capabilities in each of the six CBK domains:
• Architectural Concepts & Design Requirements
• Cloud Data Security
• Cloud Platform and Infrastructure Security
• Cloud Application Security
• Legal and Compliance
The CCSP exam will be available at PearsonVUE testing centers worldwide beginning July 21, 2015. Training seminars begin June 8, 2015 in the United States. Candidates can find more information about CCSP, download the exam outline, register for the exam and/or training at https://www.isc2.org/ccsp.
Formed in 1989, (ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with over 100,000 members in more than 160 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), the Certified Cyber Forensics Professional (CCFPSM), Certified Cloud Security Professional (CCSPSM), Certified Authorization Professional (CAP®), HealthCare Information Security and Privacy Practitioner (HCISPPSM), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information and software security topics. More information is available at www.isc2.org.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. CSA has developed the definitive best practices for the industry, such as the "Security Guidance for Critical Areas of Focus in Cloud Computing", the "Cloud Controls Matrix", "Top Threats to Cloud Computing" and 50 other cloud security research artifacts. For further information, visit us at www.cloudsecurityalliance.org.