alphaspirit - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Can the CCSP certification fulfill the need for educated professionals?

The CCSP certification offers security professionals a chance to boost their cloud security knowledge. Expert Mike O. Villegas explains the details and how it differs from CISSP.

The Cloud Security Alliance joined up with (ISC)2 and came out with a new cloud security certification, the Certified Cloud Security Professional (CCSP). Parallels have been drawn between the CCSP certification and CISSP. I am already CISSP certified and am considering the CCSP certification. How are they similar and, aside from the cloud factor, how are they different?

The Certified Cloud Security Professional (CCSP), which is a collaboration between the Cloud Security Alliance (CSA) and (ISC)2, has finally arrived.

(ISC)2 and CSA developed the CCSP certification to meet the critical market need for cloud security professionals that have the required knowledge, skills and abilities in cloud security design, implementation, architecture, operation, controls and compliance with regulatory frameworks. The CSA's Certificate of Cloud Security Knowledge (CSSK) is a prerequisite for CCSP certification but the CISSP credential may be substituted for the CCSK prerequisite. CCSP certification training candidates must have a minimum of five years of cumulative full-time IT experience; three years must be in information security and one year in one of the six domains of the CCSP examination. The six domains are:

  1. Architectural concepts and design requirements
  2. Cloud data security
  3. Could platform and infrastructure security
  4. Cloud application security
  5. Operations
  6. Legal and compliance

(ISC)2 offers a five-day classroom training and a five-day live CBT online training course. The course format for each is comprised of facilitator PowerPoint slides, short lecture and discussion, group activity in teams of three or four and individual activity where the participant completes an action plan, worksheet or evaluation. An official (ISC)2 textbook is currently not available.

The CCSP and CISSP are both vendor-neutral certifications. They assume an understanding of the (ISC)2 Common Body of Knowledge. The major difference is the CSSP certfication has a more focused approach on cloud related security. The CCSP examination consists of 125 questions to be completed in four hours. Once certified, maintaining the CCSP certification requires 90 CPEs over a three-year cycle with a minimum of 30 CPEs per year.

Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)

Next Steps

Find out if the Certified Cloud Security Professional certification is worth pursuing and how important cloud security certifications actually are

Take a look at (ISC)2 cybersecurity certifications

This was last published in December 2015

Dig Deeper on Security industry certifications