taming the cloud together ccsp & ccsk synergy · where the ccsk fits •provides baseline...
TRANSCRIPT
![Page 1: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/1.jpg)
Taming the Cloud Together CCSP & CCSK Synergy
David Shearer, CEO, (ISC)²; Jim Reavis, CEO, CSA; Kevin Jackson, GovCloudNetwork; Rich Mogull, Securosis;
Brandon Dunlap (Moderator)
![Page 2: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/2.jpg)
David Shearer
CEO, (ISC)²
Brandon DunlapModerator
Kevin JacksonFounder and CEO, GovCloudNetwork
Rich MogullFounder, Securosis
Jim ReavisCEO, CSA
![Page 3: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/3.jpg)
Jim ReavisCEO, CSA
![Page 4: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/4.jpg)
David ShearerCEO, (ISC)² David ShearerDavid Shearer
![Page 5: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/5.jpg)
• How CCSK and CCSP complement one another
• Why it’s important for practitioners
• Certificate and Certification are both valuable but are not synonymous
– Different assessment goals – previously acquired versus learning event acquired
– Different exam conformity requirements
– Different accreditation requirements
Certificate or Certification?
http://www.credentialingexcellence.org/p/cm/ld/fid=4
![Page 6: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/6.jpg)
Certificate of Cloud Security Knowledge
Rich Mogull, Securosis
![Page 7: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/7.jpg)
Cloud Is an Alien Life Form• Cloud is developer-driven• Things that look the same, most definitely
are not the same– E.g. is a cloud route table the same as the
one on your router?
• Every provider is fundamentally different at the lowest possible levels
• Old patterns are now new antipatterns
![Page 8: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/8.jpg)
Security Providers Need a Very Particular Set of Skills
• Provider-specific security architectures– Requires a technical understanding, and
changes daily. E.g. serverless DMV?
• Security coding• Updated incident response and
remediation• Cloud-specific risk assessment
![Page 9: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/9.jpg)
Where the CCSK Fits• Provides baseline knowledge in all
security domains• CCSK-Plus reinforces with practical,
technical, hands-on labs• Can be delivered to non-security cloud
professions (ops/dev) to improve their awareness.
![Page 10: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/10.jpg)
Certified Cloud Security Professional
Kevin L. Jackson, CISSP®,CCSP®, CCSK®
![Page 11: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/11.jpg)
Role of the CCSPThe CCSP credential denotes professionals with deep-seated knowledge and competency derived from hands-on experience with information security and cloud computing. CCSPs help you achieve the highest standard for cloud security expertise and enable your organization to benefit from the power of cloud computing while keeping sensitive data secure.
![Page 12: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/12.jpg)
Certified Professionals: Experience + Knowledge• Cloud deployment models, service models
and implementation models.• Key terminology, and associated definitions.• Legal, contractual, security, privacy and
compliance considerations.• Cloud service provider due diligence• Cloud security strategy development and
implementation• Design, execution and management of
cloud ecosystem security strategy• Cloud adoption business case development
![Page 13: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/13.jpg)
Certification Domains
• Architectural Concepts and Design Requirements
• Cloud Date Security • Cloud Platform and Infrastructure
Security • Cloud Application Security • Operations• Legal and Compliance
![Page 14: Taming the Cloud Together CCSP & CCSK Synergy · Where the CCSK Fits •Provides baseline knowledge in all security domains •CCSK-Plus reinforces with practical, technical, hands-on](https://reader031.vdocuments.us/reader031/viewer/2022013020/5e7b55339d1c005b9548e28c/html5/thumbnails/14.jpg)
David Shearer
CEO, (ISC)²
Brandon DunlapModerator
Kevin JacksonFounder and CEO, GovCloudNetwork
Rich MogullFounder, Securosis
Jim ReavisCEO, CSA