What does it take to become Certified Cloud Security Professional?

What does it take to become Certified Cloud Security Professional?

With the fast-growing pace of cloud migration and as more and more organisation embrace cloud computing to manage their IT, Cloud Security as a career option has taken new dimensions.

As we are aware that there is already cyber-skill shortage in the industry and with growing demand of security professionals, it is necessary for security professionals to demonstrate their level of skill-sets and knowledge of cloud computing and security.

Now, we have large number of institutes that are providing cloud security training but Cloud Security as domain is quiet young and one of the best way to demonstrate knowledge is through certifications. There are quite a few vendor-specific certifications and some independent ones as well, but one that stands out in all and demonstrate great skills of cloud security expertise is “Certified Cloud Security professional” This certification is a joint-effort of ISC2 and CSA (Cloud Security Alliance).

The certification consists of two parts – one is ISC2 CCSP exam and other is mandatory experience (with some waivers offered). ISC2 CCSP exam consist of 125 questions and out of which 25 questions are for research purposes and 100 questions are from CCSP Security domains as mentioned in CCSP CBK (Common body of Knowledge). The six domains as mentioned in CBK are:

Domain 1: Architectural Concepts and Design Requirements
Domain 2: Cloud Data Security
Domain 3: Cloud Platform and Infrastructure Security
Domain 4: Cloud Application Security
Domain 5: Operations
Domain 6: Legal and Compliance

It is true that the CCSP certification is just couple of years old and there is still shortage of cloud security training materials and specifically on materials and questions related to CCSP Security domains as defined in the CCSP CBK. But there are quite a few online companies providing CCSP Sample Questions and now secloud.guru has come up with full CCSP practice exams.

At the same time, it is also advised that if you choose for CCSP certification and you do not have a background from cyber security, doing CISSP certification first will be right choice. There are lot of common subjects like Risk Management, business continuity and application security which are explained in detailed in CISSP CBK and then they get further explained in CCSP CBK from cloud computing perspective. One added advantage you have when doing CISSP before doing CCSP is that your experience requirement in domains of cloud security gets waived off.

I wish you all the best for your choosing cloud security as a career !!