SlideShare a Scribd company logo
1 of 11
Cloud security
certifications landscape
Moshe Ferber
CCSK, CCSP, CCAK, ACSP
Chairman, Cloud Security Alliance,
Israel
#About
 Information security professional for over 20 years
 Founder, partner and investor at various cyber initiatives and startups
 Popular industry speaker & lecturer (DEFCON, RSA, BLACKHAT, INFOSEC and more)
 Founding committee member for ISC2 CCSP certification.
 CCSK Certification lecturer for the Cloud Security Alliance.
 Member of the board at Macshava Tova – Narrowing societal gaps
 Chairman of the Board, Cloud Security Alliance, Israeli Chapter
What are we going to talk about?
How to increase your cloud
security knowledge
What are we now going to talk about?
Should you invest in a certification?
(*this is a very individual decision)
Cloud security certifications landscape
Technical
Managerial
Vendor
Neutral
Vendor
based
CSA
ACSP
ISACA
CCAK
ISC2
CCSP
SANS
SEC488
Azure/AWS/
GCP security
certification
SANS
SEC510
Ec-council
CCSE
CSA
CCSK
CCSK vs. CCSP
CCSP CCSK CCAK
Vendor ISC2 + CSA CSA ISACA + CSA
Market goal Targeting security
professionals
Targeting security &
non-security
professionals
Auditors, GRC
professional,
consultants
Launched 2016 2010 2021
Insights more
comprehensive, very
methodical
Lighter, more focused
on technology and
real world
Focused on
Governance and
compliance
CCSK vs. CCSP
CCSP CCSK CCAK
Content 6 domains in the CBK (over 600
p)
Additional industry reference:
• CSA guidelines
• NIST reference architecture
• 14 domain in the CSA
Guidance – 160 p.
• ENISA guide
• CCM
• 9 domains, covering
governance,
compliance , auditing
• STAR program (CCM,
CAIQ)
Maintenance &
Membership
Need ISC2 membership &
maintain CPE’s
No maintenance , no
membership
No maintenance, require
ISACA membership
Exam 150 questions, 4 hours, passing
70% , exam center, 600$
60 questions, 90 min, passing
80%, online exam, 395$
76 questions, 120 min,
passing 70%, exam center
or proctor exam , 395$
495$ (member or non-
member)
Pre-requisites 5 years experience (details next
slide)
None (IT knowledge) None (but require cloud
knowledge)
CCSP requirements
5 Years in IT
3 Years in Security
1 year in
cloud
CISSP
OR
OR CCSK
Study options
CCSP CCSK CCAK Vendor
certification
Official
training
Instructors led and self-
pace at ISC2 and
partners website
Self-pace at CSA
website, CISCO
academy. instructor
led by partners
Self-pace at ISACA
website, instructor led
by partners
Instructor led & self
pace
Self study Buy CCSP CBK at
Amazon
All material available
for free at CSA website
Study guide & Q&A
collection at ISACA
website
Most exam materials
exist on vendor website
Unofficial
classes
unofficial classes at
udemy and few others
Almost none Udemy, Coursera,
cloud.guru, linux-
academy and others
What should you do?
Cloud
professionals
(hands on experience)
Vendor
certifications
& CCSK
Security
professionals
(no cloud experience)
CCSK
CISSP’s
looking for
next
challenge &
career path
CCSP
Auditors,
GRC
professionals
CCAK
KEEP IN TOUCH
Cloud Security Course Schedule can be find at:
http://www.onlinecloudsec.com/course-schedule

More Related Content

What's hot

Alphorm.com Formation Wallix Bastion : Le Guide du Débutant
Alphorm.com Formation Wallix Bastion : Le Guide du DébutantAlphorm.com Formation Wallix Bastion : Le Guide du Débutant
Alphorm.com Formation Wallix Bastion : Le Guide du DébutantAlphorm
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityThe Open Group SA
 
CyberOps Associate Modul 27 Working with Network Security Data
CyberOps Associate Modul 27 Working with Network Security DataCyberOps Associate Modul 27 Working with Network Security Data
CyberOps Associate Modul 27 Working with Network Security DataPanji Ramadhan Hadjarati
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
EDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onEDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onJustin Henderson
 
Siber Tehdit Gözetleme ve SIEM Olarak Açık Kaynak Sistemlerin Kullanımı
Siber Tehdit Gözetleme ve SIEM Olarak Açık Kaynak Sistemlerin KullanımıSiber Tehdit Gözetleme ve SIEM Olarak Açık Kaynak Sistemlerin Kullanımı
Siber Tehdit Gözetleme ve SIEM Olarak Açık Kaynak Sistemlerin KullanımıBGA Cyber Security
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+Netwax Lab
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a serviceBizTalk360
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToJim Gilsinn
 
Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallTroy Kitch
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configurationAlberto Rivai
 

What's hot (20)

Alphorm.com Formation Wallix Bastion : Le Guide du Débutant
Alphorm.com Formation Wallix Bastion : Le Guide du DébutantAlphorm.com Formation Wallix Bastion : Le Guide du Débutant
Alphorm.com Formation Wallix Bastion : Le Guide du Débutant
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
 
Industrial_Cyber_Security
Industrial_Cyber_SecurityIndustrial_Cyber_Security
Industrial_Cyber_Security
 
CyberOps Associate Modul 27 Working with Network Security Data
CyberOps Associate Modul 27 Working with Network Security DataCyberOps Associate Modul 27 Working with Network Security Data
CyberOps Associate Modul 27 Working with Network Security Data
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1
 
EDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onEDR vs SIEM - The fight is on
EDR vs SIEM - The fight is on
 
Cloud security
Cloud security Cloud security
Cloud security
 
Siber Tehdit Gözetleme ve SIEM Olarak Açık Kaynak Sistemlerin Kullanımı
Siber Tehdit Gözetleme ve SIEM Olarak Açık Kaynak Sistemlerin KullanımıSiber Tehdit Gözetleme ve SIEM Olarak Açık Kaynak Sistemlerin Kullanımı
Siber Tehdit Gözetleme ve SIEM Olarak Açık Kaynak Sistemlerin Kullanımı
 
SOC2 Intro and Mindfulness
SOC2 Intro and MindfulnessSOC2 Intro and Mindfulness
SOC2 Intro and Mindfulness
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a service
 
PNETLab.pdf
PNETLab.pdfPNETLab.pdf
PNETLab.pdf
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How To
 
Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database Firewall
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
 
CyberArk
CyberArkCyberArk
CyberArk
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configuration
 

Similar to Cloud security certifications landscape

CCNA R&S-01-Introduction to Cisco Certified Network Associate
CCNA R&S-01-Introduction to Cisco Certified Network AssociateCCNA R&S-01-Introduction to Cisco Certified Network Associate
CCNA R&S-01-Introduction to Cisco Certified Network AssociateAmir Jafari
 
Certifications and Career Development for Security Professionals
Certifications and Career Development for Security ProfessionalsCertifications and Career Development for Security Professionals
Certifications and Career Development for Security ProfessionalsDan Houser
 
The Cloud Skills Gap Opportunity for Training and Consulting Companies
The Cloud Skills Gap Opportunity for Training and Consulting CompaniesThe Cloud Skills Gap Opportunity for Training and Consulting Companies
The Cloud Skills Gap Opportunity for Training and Consulting CompaniesITpreneurs
 
Cisco CCIE Certifications, Scope & Career Growth in 2016
Cisco CCIE Certifications, Scope & Career Growth in 2016Cisco CCIE Certifications, Scope & Career Growth in 2016
Cisco CCIE Certifications, Scope & Career Growth in 2016Network Bulls
 
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”Moshiul Islam, CISSP, CISA, CFE
 
CCIE Service Provider
CCIE Service ProviderCCIE Service Provider
CCIE Service ProviderCisco Canada
 
DEVNET-1135 Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenSt...
DEVNET-1135	Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenSt...DEVNET-1135	Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenSt...
DEVNET-1135 Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenSt...Cisco DevNet
 
CISSP introduction 2016 Udemy Course
CISSP introduction 2016 Udemy CourseCISSP introduction 2016 Udemy Course
CISSP introduction 2016 Udemy CourseAdrian Mikeliunas
 
CCIE Service Provider Techtorial
CCIE Service Provider Techtorial CCIE Service Provider Techtorial
CCIE Service Provider Techtorial Cisco Canada
 
Diploma In Information Security Training and Certification Details In Delhi
Diploma In Information Security Training and Certification Details In DelhiDiploma In Information Security Training and Certification Details In Delhi
Diploma In Information Security Training and Certification Details In DelhiCRAW CYBER SECURITY PVT LTD
 
What you need to know about new CCNA certification.pdf
What you need to know about new CCNA certification.pdfWhat you need to know about new CCNA certification.pdf
What you need to know about new CCNA certification.pdfinfosec train
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfPriyanka Aash
 
Understanding IaaS/PaaS attack vectors.pptx
Understanding IaaS/PaaS attack vectors.pptxUnderstanding IaaS/PaaS attack vectors.pptx
Understanding IaaS/PaaS attack vectors.pptxMoshe Ferber
 
Canberra Chapter Certification Information Session
Canberra Chapter Certification Information SessionCanberra Chapter Certification Information Session
Canberra Chapter Certification Information SessionDavid Berkelmans
 
Top Cybersecurity Certs
Top Cybersecurity CertsTop Cybersecurity Certs
Top Cybersecurity CertsRiya Kapoor
 
CISM CISA ISACA Training Fairfax VA
CISM CISA ISACA Training Fairfax VACISM CISA ISACA Training Fairfax VA
CISM CISA ISACA Training Fairfax VAIntellectualpoint
 
Cisco careercertpaths posterfinal
Cisco careercertpaths posterfinal Cisco careercertpaths posterfinal
Cisco careercertpaths posterfinal fazed
 
Certified wireless security professional (cwsp) certified training - Adams Ac...
Certified wireless security professional (cwsp) certified training - Adams Ac...Certified wireless security professional (cwsp) certified training - Adams Ac...
Certified wireless security professional (cwsp) certified training - Adams Ac...Adams Academy
 
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxWhy 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxlior mazor
 

Similar to Cloud security certifications landscape (20)

CCNA R&S-01-Introduction to Cisco Certified Network Associate
CCNA R&S-01-Introduction to Cisco Certified Network AssociateCCNA R&S-01-Introduction to Cisco Certified Network Associate
CCNA R&S-01-Introduction to Cisco Certified Network Associate
 
Certifications and Career Development for Security Professionals
Certifications and Career Development for Security ProfessionalsCertifications and Career Development for Security Professionals
Certifications and Career Development for Security Professionals
 
The Cloud Skills Gap Opportunity for Training and Consulting Companies
The Cloud Skills Gap Opportunity for Training and Consulting CompaniesThe Cloud Skills Gap Opportunity for Training and Consulting Companies
The Cloud Skills Gap Opportunity for Training and Consulting Companies
 
Cisco CCIE Certifications, Scope & Career Growth in 2016
Cisco CCIE Certifications, Scope & Career Growth in 2016Cisco CCIE Certifications, Scope & Career Growth in 2016
Cisco CCIE Certifications, Scope & Career Growth in 2016
 
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
 
CCIE Service Provider
CCIE Service ProviderCCIE Service Provider
CCIE Service Provider
 
DEVNET-1135 Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenSt...
DEVNET-1135	Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenSt...DEVNET-1135	Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenSt...
DEVNET-1135 Thanks, Docker! The Pro’s and Con’s of Containerizing your OpenSt...
 
ISD College ppt
ISD College pptISD College ppt
ISD College ppt
 
CISSP introduction 2016 Udemy Course
CISSP introduction 2016 Udemy CourseCISSP introduction 2016 Udemy Course
CISSP introduction 2016 Udemy Course
 
CCIE Service Provider Techtorial
CCIE Service Provider Techtorial CCIE Service Provider Techtorial
CCIE Service Provider Techtorial
 
Diploma In Information Security Training and Certification Details In Delhi
Diploma In Information Security Training and Certification Details In DelhiDiploma In Information Security Training and Certification Details In Delhi
Diploma In Information Security Training and Certification Details In Delhi
 
What you need to know about new CCNA certification.pdf
What you need to know about new CCNA certification.pdfWhat you need to know about new CCNA certification.pdf
What you need to know about new CCNA certification.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Understanding IaaS/PaaS attack vectors.pptx
Understanding IaaS/PaaS attack vectors.pptxUnderstanding IaaS/PaaS attack vectors.pptx
Understanding IaaS/PaaS attack vectors.pptx
 
Canberra Chapter Certification Information Session
Canberra Chapter Certification Information SessionCanberra Chapter Certification Information Session
Canberra Chapter Certification Information Session
 
Top Cybersecurity Certs
Top Cybersecurity CertsTop Cybersecurity Certs
Top Cybersecurity Certs
 
CISM CISA ISACA Training Fairfax VA
CISM CISA ISACA Training Fairfax VACISM CISA ISACA Training Fairfax VA
CISM CISA ISACA Training Fairfax VA
 
Cisco careercertpaths posterfinal
Cisco careercertpaths posterfinal Cisco careercertpaths posterfinal
Cisco careercertpaths posterfinal
 
Certified wireless security professional (cwsp) certified training - Adams Ac...
Certified wireless security professional (cwsp) certified training - Adams Ac...Certified wireless security professional (cwsp) certified training - Adams Ac...
Certified wireless security professional (cwsp) certified training - Adams Ac...
 
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxWhy 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
 

More from Moshe Ferber

Cloud Security - the egregious 11 cloud security threats
Cloud Security - the egregious 11  cloud security threatsCloud Security - the egregious 11  cloud security threats
Cloud Security - the egregious 11 cloud security threatsMoshe Ferber
 
Foundations of cloud security monitoring
Foundations of cloud security monitoringFoundations of cloud security monitoring
Foundations of cloud security monitoringMoshe Ferber
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptxMoshe Ferber
 
What the auditor need to know about cloud computing
What the auditor need to know about cloud computingWhat the auditor need to know about cloud computing
What the auditor need to know about cloud computingMoshe Ferber
 
Cloud security for financial services
Cloud security for financial servicesCloud security for financial services
Cloud security for financial servicesMoshe Ferber
 
Architect secure cloud services.
Architect secure cloud services.Architect secure cloud services.
Architect secure cloud services.Moshe Ferber
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Moshe Ferber
 
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23   from zero to secure in 1 minute - nir valtman and moshe ferberDefcon23   from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferberMoshe Ferber
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Moshe Ferber
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantageMoshe Ferber
 
The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing Moshe Ferber
 
Cloud security what to expect (introduction to cloud security)
Cloud security   what to expect (introduction to cloud security)Cloud security   what to expect (introduction to cloud security)
Cloud security what to expect (introduction to cloud security)Moshe Ferber
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats -  CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats -  CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseMoshe Ferber
 
Aligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsAligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsMoshe Ferber
 
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation  - Cloud Security Alliance East Europe Congress 2013Cloud security innovation  - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013Moshe Ferber
 

More from Moshe Ferber (15)

Cloud Security - the egregious 11 cloud security threats
Cloud Security - the egregious 11  cloud security threatsCloud Security - the egregious 11  cloud security threats
Cloud Security - the egregious 11 cloud security threats
 
Foundations of cloud security monitoring
Foundations of cloud security monitoringFoundations of cloud security monitoring
Foundations of cloud security monitoring
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
 
What the auditor need to know about cloud computing
What the auditor need to know about cloud computingWhat the auditor need to know about cloud computing
What the auditor need to know about cloud computing
 
Cloud security for financial services
Cloud security for financial servicesCloud security for financial services
Cloud security for financial services
 
Architect secure cloud services.
Architect secure cloud services.Architect secure cloud services.
Architect secure cloud services.
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...
 
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23   from zero to secure in 1 minute - nir valtman and moshe ferberDefcon23   from zero to secure in 1 minute - nir valtman and moshe ferber
Defcon23 from zero to secure in 1 minute - nir valtman and moshe ferber
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing
 
Cloud security what to expect (introduction to cloud security)
Cloud security   what to expect (introduction to cloud security)Cloud security   what to expect (introduction to cloud security)
Cloud security what to expect (introduction to cloud security)
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats -  CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats -  CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
 
Aligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsAligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startups
 
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation  - Cloud Security Alliance East Europe Congress 2013Cloud security innovation  - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
 

Recently uploaded

MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 

Recently uploaded (20)

MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 

Cloud security certifications landscape

  • 1. Cloud security certifications landscape Moshe Ferber CCSK, CCSP, CCAK, ACSP Chairman, Cloud Security Alliance, Israel
  • 2. #About  Information security professional for over 20 years  Founder, partner and investor at various cyber initiatives and startups  Popular industry speaker & lecturer (DEFCON, RSA, BLACKHAT, INFOSEC and more)  Founding committee member for ISC2 CCSP certification.  CCSK Certification lecturer for the Cloud Security Alliance.  Member of the board at Macshava Tova – Narrowing societal gaps  Chairman of the Board, Cloud Security Alliance, Israeli Chapter
  • 3. What are we going to talk about? How to increase your cloud security knowledge
  • 4. What are we now going to talk about? Should you invest in a certification? (*this is a very individual decision)
  • 5. Cloud security certifications landscape Technical Managerial Vendor Neutral Vendor based CSA ACSP ISACA CCAK ISC2 CCSP SANS SEC488 Azure/AWS/ GCP security certification SANS SEC510 Ec-council CCSE CSA CCSK
  • 6. CCSK vs. CCSP CCSP CCSK CCAK Vendor ISC2 + CSA CSA ISACA + CSA Market goal Targeting security professionals Targeting security & non-security professionals Auditors, GRC professional, consultants Launched 2016 2010 2021 Insights more comprehensive, very methodical Lighter, more focused on technology and real world Focused on Governance and compliance
  • 7. CCSK vs. CCSP CCSP CCSK CCAK Content 6 domains in the CBK (over 600 p) Additional industry reference: • CSA guidelines • NIST reference architecture • 14 domain in the CSA Guidance – 160 p. • ENISA guide • CCM • 9 domains, covering governance, compliance , auditing • STAR program (CCM, CAIQ) Maintenance & Membership Need ISC2 membership & maintain CPE’s No maintenance , no membership No maintenance, require ISACA membership Exam 150 questions, 4 hours, passing 70% , exam center, 600$ 60 questions, 90 min, passing 80%, online exam, 395$ 76 questions, 120 min, passing 70%, exam center or proctor exam , 395$ 495$ (member or non- member) Pre-requisites 5 years experience (details next slide) None (IT knowledge) None (but require cloud knowledge)
  • 8. CCSP requirements 5 Years in IT 3 Years in Security 1 year in cloud CISSP OR OR CCSK
  • 9. Study options CCSP CCSK CCAK Vendor certification Official training Instructors led and self- pace at ISC2 and partners website Self-pace at CSA website, CISCO academy. instructor led by partners Self-pace at ISACA website, instructor led by partners Instructor led & self pace Self study Buy CCSP CBK at Amazon All material available for free at CSA website Study guide & Q&A collection at ISACA website Most exam materials exist on vendor website Unofficial classes unofficial classes at udemy and few others Almost none Udemy, Coursera, cloud.guru, linux- academy and others
  • 10. What should you do? Cloud professionals (hands on experience) Vendor certifications & CCSK Security professionals (no cloud experience) CCSK CISSP’s looking for next challenge & career path CCSP Auditors, GRC professionals CCAK
  • 11. KEEP IN TOUCH Cloud Security Course Schedule can be find at: http://www.onlinecloudsec.com/course-schedule

Editor's Notes

  1. Comptia Cloud+ https://www.arcitura.com/cloud-school/certifications/certified-cloud-professional/ EXIN CCC Professional Cloud Security Manager