According to IDC, worldwide cloud spend is expected to surpass $1 billion in 2024. With the rise of cloud adoption comes the need to secure cloud infrastructure and services. Meanwhile, the skills shortage in the industry is of growing concern. How can we readily address this gap while ensuring proper training and enablement are in place? That’s where quality, industry-vetted certifications can provide needed support for growing one’s skills and knowledge of cloud security.
In this article, we explore five excellent certifications that cloud security professionals (and those aspiring to become a cloud security expert) should consider to help their organizations stay ahead of risks and threats while also taking their individual careers to the next level.
What Is a Cloud Security Certification?
A cloud security certification demonstrates that an individual has the required knowledge for important roles in cloud security, signaling credibility to customers, partners, and potential employers. There are many options available that vary based on price, desired specialty (for example, expert in AWS security versus Microsoft Azure security), and ability to commit the time required to complete the course.
Let’s take a deep dive into certification options available for cloud security leaders and practitioners.
ISC2 CISSP Certification
The International Information System Security Certification Consortium (ISC2) is a nonprofit organization that specializes in training for cybersecurity professionals. The CISSP certification (Certified Information Systems Security Professional) is intended for more experienced cybersecurity leaders, geared towards CISOs, directors, managers, and consultants. Additionally, in order to qualify for certification, you must pass the exam but also have five years of cumulative experience in at least two of the eight domains of knowledge. These eight domains include:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
Both online and in-person training options are available. The exam cost itself is approximately $750. With ISC2, membership is required, with annual fees being either $50 or $125 depending on membership status.
Learn more about the CISSP certification here.
In addition to the well-known CISSP certification, ISC2 offers several other certifications geared towards every level of cybersecurity. These include CC (entry-level), CCSP (cloud security), SSCP (security administrator), and many more. Continuing education is also offered with the chance to earn CPE credits.
Certificate of Cloud Security Knowledge (CCSK)
CCSK is offered by the Cloud Security Alliance, an organization dedicated to ensuring secure cloud computing. CCSK focuses on a holistic approach to cloud security, providing a vendor-neutral environment that covers best practices across all areas of cloud security including IAM, incident response, application security, and more. Designed for anyone in the field of cloud security, this certification is foundational with a low barrier to entry.
The 90-minute, $395 exam is open-book and taken online, with a minimum required passing score of 80%. Training options include self-paced using a free prep kit, virtual or in-person instruction, and in-person lectures with labs. If you choose options other than self-paced with the prep kit, there are additional costs.
Learn more about the CCSK here.
AWS Certified Security – Specialty
If your organization mainly uses AWS, or you’re interested specifically in AWS security, this is an ideal certification to obtain. Also, AWS does not require participants to complete any AWS-specific training in order to take the certification exam. That being said, AWS recommends that those who choose to test for this certification have five years of security and/or IT experience with at least two years of hands-on AWS workload security experience.
The website provides a comprehensive exam guide, preparation courses, and an official practice exam, making the study process clear and straightforward. Testing can be done in-person or online and the cost is $300.
Learn more about the AWS Certified Security – Specialty certification here.
Google Cloud Professional Cloud Security Engineer
If your organization primarily uses Google Cloud, this certification is a great starting point for security specialization.
Google Cloud provides an exam guide as well as virtual and in-person training options. With a length of two hours, this exam costs $200 and is only available in English and Japanese at this time. Finally, it is recommended that individuals who choose to take the exam have at least three years of industry experience and one year using Google Cloud.
Learn more about the Google Cloud Professional Cloud Security Engineer certification here.
Microsoft Azure Security Engineer Associate (AZ-500)
This certification is ideal for those with specific Azure cloud security responsibilities in the organization. The AZ-500 exam measures your ability to accomplish the following technical tasks in Microsoft Azure : manage identity and access; secure networking; secure compute, storage, and databases; and manage security operations.
Offering both self-paced and instructor-led options, the exam is about two and a half hours long. Pricing is $165 and a free practice assessment is offered.
Learn more about the AZ-500 certification here.
How Do I Pick the Right Cloud Security Certification?
Ultimately, the decision of which certification(s) to pursue depends on your preferences, factoring in price, time commitment, experience level, languages offered, and career goals. For example, if the organization you work for (or would like to work for) uses only Google Cloud, but has plans to utilize AWS in the future, you may choose to focus on either a Google Cloud certification or the more vendor-neutral CCSK to start. See below for a comparison table of the options mentioned in this article:
| CISSP | CCSK | AWS | Google Cloud | Azure | |
|---|---|---|---|---|---|
| Base Cost | $750 | $395 | $300 | $200 | $165 |
| Training Options | Online and in-person | Online and in-person | Online and in-person | Online and in-person | Online and in-person |
| Vendor-neutral? | Yes | Yes | No | No | No |
| Years of Experience Recommended | 5+ | None specified | 5+ | 3+ | None specified |
| Exam Length | 3-6 hours | 1.5 hours | About 2 hours | 2 hours | 2-4 hours |
| Renewal/Recertification | After 3 years | Not required | After 3 years | After 2 years | After 1 year |
Further Cloud Security Industry Knowledge Resources
While certifications are a valuable way to demonstrate expertise in cloud security, the time spent growing one’s knowledge on an ongoing basis is just as important. By attending webinars, following cloud security companies on social media, and talking to industry experts, the chances to expand your understanding of cloud security best practices are endless.
Contact an Orca Security representative today to learn more about cloud security training resources.
