alphaspirit - Fotolia
The Cloud Security Alliance joined up with (ISC)2 and came out with a new cloud security certification, the Certified Cloud Security Professional (CCSP). Parallels have been drawn between the CCSP certification and CISSP. I am already CISSP certified and am considering the CCSP certification. How are they similar and, aside from the cloud factor, how are they different?
(ISC)2 and CSA developed the CCSP certification to meet the critical market need for cloud security professionals that have the required knowledge, skills and abilities in cloud security design, implementation, architecture, operation, controls and compliance with regulatory frameworks. The CSA's Certificate of Cloud Security Knowledge (CSSK) is a prerequisite for CCSP certification but the CISSP credential may be substituted for the CCSK prerequisite. CCSP certification training candidates must have a minimum of five years of cumulative full-time IT experience; three years must be in information security and one year in one of the six domains of the CCSP examination. The six domains are:
- Architectural concepts and design requirements
- Cloud data security
- Could platform and infrastructure security
- Cloud application security
- Legal and compliance
(ISC)2 offers a five-day classroom training and a five-day live CBT online training course. The course format for each is comprised of facilitator PowerPoint slides, short lecture and discussion, group activity in teams of three or four and individual activity where the participant completes an action plan, worksheet or evaluation. An official (ISC)2 textbook is currently not available.
The CCSP and CISSP are both vendor-neutral certifications. They assume an understanding of the (ISC)2 Common Body of Knowledge. The major difference is the CSSP certfication has a more focused approach on cloud related security. The CCSP examination consists of 125 questions to be completed in four hours. Once certified, maintaining the CCSP certification requires 90 CPEs over a three-year cycle with a minimum of 30 CPEs per year.
Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)
Find out if the Certified Cloud Security Professional certification is worth pursuing and how important cloud security certifications actually are
Take a look at (ISC)2 cybersecurity certifications
Dig Deeper on Security industry certifications
Related Q&A from Mike O. Villegas
As ransomware continues to surge, companies are faced with decisions to report the attacks, pay the ransom or both. Experts weigh in on the options ... Continue Reading
A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media ... Continue Reading
A cybersecurity training center could help security professionals continue their education, but are the benefits worth the investment for enterprises... Continue Reading