Three day course. Seldom has a technology offered more opportunity and more risk than the cloud. Let the marketplace know you are ready for the challenge with the first credential dedicated to cloud security, offered by the world’s thought leader in cloud security.
This is the mother of all cloud computing security certifications. The Certificate of Cloud Security Knowledge certification is vendor-neutral and certifies competency in key cloud security areas.
—CIO.com, Top Ten Cloud Computing Certifications
It took a special group of people to perceive from the start the likely impact cloud would have on computing. Those same early adopters recognise that the degree of potential risk and reward attached to the cloud calls for a deep understanding of cloud-related security and assurance issues.
They know there is an advantage to differentiating themselves from other professionals by mastering leading-edge thought in this growing field and having an objective, third-party credential reflecting their expertise. And they are taking action, by earning the CCSK from the CSA.
The professionals who have earned a CCSK come from a variety of backgrounds and have pursued their cloud certificate for several reasons.
1. Cloud providers and information security services firms wish to demonstrate expertise in cloud as a competitive advantage and have therefore encouraged their employees to earn the CCSK from its inception. Being able to state that their employees hold the CCSK allows their potential clients to rest easy, knowing that the necessary skills will be brought to bear on their project.
2. All Third-Party Assessment Organisations (3PAOs) within the US government’s FedRAMP programme have CCSKs on staff because they need an objective, consistent level of cloud security knowledge and mastery of good practices.
3. Cloud customers are faced with an increasing number of providers and services, and corresponding risks and benefits. Enterprise users who engage with many different cloud providers find CCSK especially helpful in establishing a baseline of security best practices as they deal with a broad array of responsibilities, which may range from cloud governance to configuring technical security controls.
4. Individuals and firms that provide audit, attestation or certification services know that, as more and more systems are migrated to cloud computing, they can grow their business by demonstrating, through a globally recognised credential, special knowledge of the cloud and cloud-specific security assurance.
What is CCSK? The CCSK is a credential verifying successful completion of an exam that tests a broad foundation of knowledge about cloud security.
1. Content: (14 domains, covering topics such as architecture, governance, compliance, operations, encryption and virtualisation);
2. Body of knowledge: (CSA’s “Security Guidance for Critical Areas of Focus in Cloud Computing V4.0” (English language version), the CSA Cloud Controls Matrix (CCM) and the ENISA report, “Cloud Computing: Benefits, Risks and Recommendations for Information Security”);
3. Exam: (Taken online, completed in 90 minutes. 60 multiple-choice questions selected randomly from the CCSK question pool; passing score of 80%);
4. CPEs: (The CCSK can be used to satisfy continuing professional education credits for several other IT credentials.)
CCSK is a requirement for any auditor providing services for CSA STAR Attestation, CSA’s cloud provider assessment specification co-developed with the American Institute of Certified Public Accountants (AICPA).
1. Practical exercises and labs which give you solid examples of how to secure, or audit, Amazon cloud services;
2. Lunch and refreshments;
3. 1x exam token;
4. Candidate manual.
CCSK Foundation (Provides a comprehensive, one-day review of cloud security fundamentals and the body of knowledge, and prepares students for the exam. The course is broken into six modules that cover the 14 domains of the CSA Guidance and the ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security.)
Module 1 | Introduction to Cloud Computing (This module covers the fundamentals of cloud computing, including definitions, architectures, and the role of virtualisation. Key topics include cloud computing service models, delivery models, and fundamental characteristics. It also introduces the Shared Responsibilities Model and a framework for approaching cloud security.)
Module 2 | Infrastructure Security for Cloud Computing (This module digs into the details of securing the core infrastructure for cloud computing, including cloud components, networks, management interfaces and administrator credentials. It delves into virtual networking and workload security, including the basics of containers and serverless.)
Module 3 | Managing Cloud Security and Risk (This module covers important considerations for managing security for cloud computing. It begins with risk assessment and governance, then covers legal and compliance issues, such as discovery requirements in the cloud. It also covers important CSA risk tools including the CAIQ, CCM, and STAR registry.)
Module 4 | Data Security for Cloud Computing (One of the biggest issues in cloud security is protecting data. This module covers information life-cycle management for the cloud and how to apply security controls, with an emphasis on public cloud. Topics include the Data Security Life-cycle, cloud storage models, data security issues with different delivery models, and managing encryption in and for the cloud, including customer managed keys (BYOK).)
Module 5 | Application Security and Identity Management for Cloud Computing (This module covers identity management and application security for cloud deployments. Topics include federated identity and different IAM applications, secure development, and managing application security in and for the cloud.)
Module 6 | Cloud Security Operations (This module covers key considerations when evaluating, selecting, and managing cloud computing providers. We also discuss the role of Security as a Service providers and the impact of cloud on Incident Response.)
CCSK Plus (Builds on the CCSK Foundation class with the second and third days of training that cover expanded material and offer extensive hands-on activities that reinforce classroom instruction. Students engage in a scenario of bringing a fictional organisation securely into the cloud. This gives the opportunity to apply their knowledge by performing a series of activities that would be required in a real-world environment. CCSK Foundation Modules included. The Plus content extends the course with:)
Exercise 1 | Core Account Security (Students learn what to configure in the first 5 minutes of opening a new cloud account and enable security controls such as MFA, basic monitoring, and IAM.)
Exercise 2 | IAM and Monitoring In-Depth (Attendees expand their work on the first lab and implement more complex identity management and monitoring. This includes expanding IAM with Attribute Based Access Controls, implementing security alerting and understanding how to structure enterprise scale IAM and monitoring.)
Exercise 3 | Network and Instance Security (Students create a virtual network (VPC) and implement a baseline security configuration. They also learn how to securely select and launch a virtual machine (instance), run a vulnerability assessment in the cloud, and connect to the instance.)
Exercise 4 | Encryption and Storage Security (Students expand their deployment by adding a storage volume encrypted with a customer managed key. They also learn how to secure snapshots and other data.)
Exercise 5 | Application Security and Federation (Students finish the technical labs by completely building out a 2-tier application and implementing federated identity using OpenID.)
Exercise 6 | Risk and Provider Assessment (Students use the CSA CCM and STAR registry to evaluate risk and select a cloud provider.)
Navigating the Certification Ecosystem
For those holding ISACA’s Certified Information Systems Auditor® (CISA®) designation, a better understanding of how clouds work and how they can be secured makes it easier to identify the appropriate measures to test control objectives and make appropriate recommendations. Holders of the Certified Information Systems Security Professional® (CISSP®) from (ISC)²® benefit from the alignment between the bodies of knowledge of the two credentials. All of CISSP’s 10 domains have an analog in CCSK’s 14 domains; where the domains overlap, CCSK builds on the CISSP domain and provides cloud-specific context.
07 – 09 Oct | Singapore city, Singapore
12 – 14 Oct | Kuala Lumpur, Malaysia
06 – 08 May | Sydney, Australia
11 – 13 May | Melbourne, Australia
09 – 11 Sep | Perth, Australia
14 – 16 Sep | Brisbane, Australia
About the Exam (Taken online, completed in 90 minutes. 60 multiple-choice questions selected randomly from the CCSK question pool; passing score of 80%; 1x exam token is included in your registration fee.)
Certification by: The Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organisation dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud – from providers and customers, to governments, entrepreneurs and the assurance industry – and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.
Tech professionals rank CCSK #1 certification (In a recent survey of over 6,000 certified IT professionals, Certification Magazine found the Cloud Security Alliance’s CCSK certification ranked #1 in average salary amongst professionals.)
This course is geared towards security professionals but is also useful for anyone looking to expand their knowledge of cloud security.
Laptops required. (While presentation materials, including training materials and tests, are provided during the course, you are required to bring your own laptop. Compatible laptop operating systems are Windows, Linux or Mac.)
Preparation. (There is some preparation required before the course starts. You will be downloading some software and applying for an Amazon Web Services account.)
Web Services account. (An Amazon Web Services account will need to be created at least two days in advance of the scheduled course date.)
Cloud usage fees. (These fees are also not included as part of the registration fee. However, it is estimated that these would not exceed a few US dollars.)
It is advised that you have at least a basic understanding of security fundamentals such as firewalls, secure development, encryption and identity management.
These are the approved faculty teaching this course. Delivery is by a single faculty. Faculty shall be assigned to teach classes in any number of locations. Changes to the schedule may arise from time to time and may result in changes as to assigned faculty. The faculty delivering courses in Malaysia is Guillaume Boutisseau. The faculty delivering courses in Australia is Moshe Ferber.
Training Grants – applicable to courses in Malaysia
The Certificate of Cloud Security Knowledge certification course is an approved course (subject to terms and conditions) under:
i) the HRDF SBL-Khas Scheme;
ii) the INDCERT (Industry Certification Scheme).
Vertical Distinct Sdn Bhd is a PSMB (Pembangunan Sumber Manusia Berhad) Approved Training Provider and the courses offered in Malaysia are HRDF (Human Resource Development Fund) claimable. For guidelines and details on how to submit your application or claims to the HRDF, please visit HRDF.