According to Goldman Sachs Research, spending on cloud computing is expected to surpass $2 trillion (USD) by the end of the decade. As dependence on cloud computing continues to deepen and expand, so does the need to secure its infrastructure and services. Meanwhile, the skills shortage in the industry is of growing concern. How can we readily address this gap while ensuring proper training and enablement are in place? That’s where quality, industry-vetted certifications can provide needed support for growing one’s skills and knowledge of cloud security.
In this article, we explore five excellent certifications that cloud security professionals (and those aspiring to become a cloud security expert) should consider to help their organizations stay ahead of risks and threats while also taking their individual careers to the next level.
What is a cloud security certification?
A cloud security certification demonstrates that an individual has the required knowledge for important roles in cloud security, signaling credibility to customers, partners, and potential employers. There are many options available that vary based on price, desired specialty (for example, expert in AWS security versus Microsoft Azure security), and ability to commit the time required to complete the course.
Let’s take a deep dive into certification options available for cloud security leaders and practitioners.
ISC2 CCSP Certification
The International Information System Security Certification Consortium (ISC2) is a nonprofit organization that specializes in training for cybersecurity professionals. The CCSP (Certified Cloud Security Professional) certification is designed specifically for those responsible for securing cloud environments, including cloud architects and security engineers. It validates advanced technical skills and knowledge in designing, managing, and securing data, applications and infrastructure in the cloud.
To qualify for the CCSP certification, candidates must pass the CCSP exam and have a minimum of five years of cumulative, paid work experience in information technology. Of those five years, three must be in information security, and one must be in one or more of the six CCSP domains:
- Cloud Concepts, Architecture & Design
- Cloud Data Security
- Cloud Platform & Infrastructure Security
- Cloud Application Security
- Cloud Security Operations
- Legal, Risk & Compliance
Both online and instructor-led (in-person or virtual) training options are available. The typical exam registration fee for the Americas region is $599 (USD). After certification, an annual maintenance fee (AMF) of approximately $135 (USD) is required, plus ongoing continuing education (CPE) credits to maintain the credential.
Learn more about the CCSP certification here.
In addition to the CCSP, ISC2 also offers other respected certifications for different career stages and specialties, including the CISSP (Certified Information Systems Security Professional) for experienced cybersecurity leaders, the CC (entry-level), and the SSCP (security administrator). All certifications provide opportunities to earn CPE credits.
Certificate of Cloud Security Knowledge (CCSK)
CCSK is offered by the Cloud Security Alliance, an organization dedicated to ensuring secure cloud computing. CCSK focuses on a holistic approach to cloud security, providing a vendor-neutral environment that covers best practices across all areas of cloud security including IAM, incident response, application security, and more. Designed for anyone in the field of cloud security, this certification is foundational with a low barrier to entry.
The 120-minute, $445 exam is open-book and taken online, with a minimum required passing score of 80%. Training options include self-paced using a free prep kit, virtual or in-person instruction, and in-person lectures with labs. If you choose options other than self-paced with the prep kit, there are additional costs.
Learn more about the CCSK here.
AWS Certified Security – Specialty
If your organization mainly uses AWS, or you’re interested specifically in AWS security, this is an ideal certification to obtain. Also, AWS does not require participants to complete any AWS-specific training in order to take the certification exam. That being said, AWS recommends that those who choose to test for this certification have five years of security and/or IT experience with at least two years of hands-on AWS workload security experience.
The website provides a comprehensive exam guide, preparation courses, and an official practice exam, making the study process clear and straightforward. Testing can be done in-person or online and the cost is $300 (USD).
Learn more about the AWS Certified Security – Specialty certification here.
Google Cloud Professional Cloud Security Engineer
If your organization primarily uses Google Cloud, this certification is a great starting point for security specialization.
Google Cloud provides an exam guide as well as virtual and in-person training options. With a length of two hours, this exam costs $200 (USD) and is only available in English and Japanese at this time. Finally, it is recommended that individuals who choose to take the exam have at least three years of industry experience and one year designing and managing solutions using Google Cloud.
Learn more about the Google Cloud Professional Cloud Security Engineer certification here.
Microsoft Azure Security Engineer Associate (AZ-500)
This certification is ideal for those with specific Azure cloud security responsibilities in the organization. The AZ-500 exam measures your ability to accomplish the following technical tasks in Microsoft Azure: manage identity and access; secure networking; secure compute, storage, and databases; and manage security operations.
Offering both self-paced and instructor-led options, the exam is about two and a half hours long. Pricing is $165 (USD) and a free practice assessment is offered.
Learn more about the AZ-500 certification here.
How do I pick the right cloud security certification?
Ultimately, the decision of which certification(s) to pursue depends on your preferences, factoring in price, time commitment, experience level, languages offered, and career goals. For example, if the organization you work for (or would like to work for) uses only Google Cloud, but has plans to utilize AWS in the future, you may choose to focus on either a Google Cloud certification or the more vendor-neutral CCSK to start. See below for a comparison table of the options mentioned in this article:
| CCSP | CCSK | AWS | Google Cloud | Azure | |
|---|---|---|---|---|---|
| Base Cost | $599 | $445 | $300 | $200 | $165 |
| Training Options | Online and in-person | Online and in-person | Online and in-person | Online and in-person | Online and in-person |
| Vendor-neutral? | Yes | Yes | No | No | No |
| Years of Experience Recommended | 5+ | None specified | 5+ | 3+ | None specified |
| Exam Length | 3-6 hours | 2 hours | About 2 hours | 2 hours | 2-4 hours |
| Renewal/Recertification | After 3 years | Not required | After 3 years | After 2 years | After 1 year |
More cloud security industry knowledge resources
While certifications are a valuable way to demonstrate expertise in cloud security, the time spent growing one’s knowledge on an ongoing basis is just as important. By attending webinars on cloud security topics, following cloud security companies on social media, and keeping up-to-date on cutting-edge research in the field, the chances to expand your understanding of cloud security best practices are endless.
