Here’s the lowdown on security certifications and courses: For those who are serious about putting time, money, and effort into coursework, they all have something to offer. While some require more prerequisites than others and some are certifications versus certificates, each person must be honest with themselves and recognize if they are a beginner or if they are ready to take a more aggressive step.
Note that cloud computing security now ranks as the skill set with the lowest supply, according to the results of the fifth annual edition. ISSA/ESG survey of cybersecurity professionals, said Candy Alexender, chair of the ISSA International board. Prospective students and professionals should seek to advance their careers through a combination of training in the form of formal cloud courses, online webinars, and certification classes, as well as on-the-job training.
“They should be focused on understanding SaaS models and how they integrate with security platforms and internal protocols,” Alexander said. “Other skills that are important are an understanding of how to apply for and write security-assurance contracts, as well as the ability to test the protocols of the vendors they choose.”
Because cloud technology is so dynamic, employers also like to see current expertise in some of the most popular provider services and related technologies, such as leading cloud provider offerings, containers, identity systems , zero trust, and key management, said Jim Reavis. , CEO of the Cloud Security Alliance.
“Some developer skills are also valued, even for non-developer roles, as you see an increase in techniques like scripting to enable automation,” he added.
Most experts will tell people just starting out to get a Cloud Security Alliance certificate or start by taking CompTIA’s Security+ certification course (see below for details). Rank beginners should start with CompTIA’s IT Fundamentals+ course. It only makes sense, because security professionals should develop a good foundation in information technology and security before specializing in one cloud platform over another. Students will learn the basics of cloud security by taking the Security+ course.
So what’s out there? Below are seven training programs from reputable organizations dedicated to the field of IT and security. This is of course not an exhaustive list. But it’s a solid start.
Identity and Access Management with the Big 3: Amazon Web Services, Azure, Google Cloud Platform
SEC488: Cloud Security Fundamentals SANS covers Amazon Web Services, Microsoft Azure and Google Cloud, as well as other cloud service providers (CSPs). The program begins by focusing on one of the most critical topics in the cloud: identity and access management. From there, the course moves on to a wide range of security topics through discussions and hands-on exercises related to several important cloud topics across the different major cloud platforms: Infrastructure as a Service (IaaS), Platform as – a-Service (PaaS), and Software-as-a-Service (SaaS).
previous requirements: A basic understanding of TCP/IP, network security, and information security principles is helpful, but not required. SANS considers familiarity with Linux command lines to be an advantage.
Details: A proctored exam with 75 questions over two hours. The minimum passing score is 61%. The cost is $7,640; GLCD Certification: $949
From DevOps to Solution Implementation: Cloud Security Best Practices
The (ISC)² Certified Cloud Security Professional (CCSP) Course is designed for IT and information security leaders responsible for applying best practices to the architecture, design, operations, and orchestration of cloud security services, including those in the following roles: cloud architect, cloud engineer, cloud consultant, cloud administrator, cloud security analyst, specialist, cloud computing service auditor, and professional cloud developer.
previous requirements: To qualify for the CCSP, candidates must pass the exam and have at least five years of cumulative paid work experience in IT, of which three years must be in information security and one year in one or more of the six domains of the CCSP. (ISC )2 CCSP Common Body of Knowledge (CBK). A candidate who does not yet have the required experience to become a CCSP can become an Associate of (ISC)2 after successfully passing the CCSP exam. The Associate then has six years to build the experience to earn a CCSP.
Details: The CCSP It has 125 questions and is a three-hour exam. Students need a score of 700 out of 1,000 to pass the exam. CCSP exam: $599; CCSP Instructor-Led Online Training: Current retail price, $2,409.75; CCSP Self-Paced Training: Current Retail Price, $836.45
Laying a Foundation: Vendor-Neutral Cloud Security Basics
The Certificate of Cloud Security Knowledge (CCSK) The Cloud Security Alliance has been widely recognized as one of the leading standards of expertise for cloud security and provides students with a consistent, vendor-neutral understanding of how to protect data in the cloud. Think of the CCSK credential as the foundation for preparing students to earn additional cloud credentials specific to certain cloud providers or job functions.
previous requirements: CCSK has no experience requirements. The test asks students to demonstrate knowledge of three documents: the CSA Guide, the CSA Cloud Control Matrix and the ENISA report.
Details: The CCSK is a 90-minute open book online exam with 60 multiple-choice questions. The exam costs $395 and comes with two opportunities that the student has up to two years to use. The minimum passing score is 80%. Students can study on their own or enroll in training.
Microsoft Azure: A Deep Dive
Infosec’s Microsoft Azure Dual Certification Bootcamp teaches students important Microsoft Azure management and security skills through hands-on labs and expert instruction. Intensive training prepares students to pass the two exams required for Microsoft certification: Azure Administrator Associate and Azure Security Engineer Associate.
Prerequisites: Basic knowledge of cloud computing is recommended, but not required.
Details: Program covers seven days of live Azure expert instruction, an exam voucher, unlimited practice exam attempts, a free annual subscription to Infosec Skills ($599 value), one year access to all video replays and training camp materials. The cost is $4,399.
Amazon Web Services: A Deep Dive
The AWS Certified Security – Specialty empowers people to develop the skills necessary to run secure workloads in AWS environments. Like the aforementioned training for Azure, this delves into one of the most dominant platforms on the market today.
previous requirements: AWS recommends that students have the following before taking this course:
- Five years of IT security experience designing and implementing security systems and at least two years of hands-on experience protecting AWS workloads.
- Working knowledge of AWS security services and features of the services to provide a secure production environment and an understanding of security operations and risks.
- Knowledge of the shared responsibility model of AWS and its applications.
- Understand specialized data classifications and AWS data protection mechanisms, data encryption methods and AWS mechanisms for implementing them, and secure Internet protocols and AWS mechanisms for implementing them.
Details: Includes 65 questions, either multiple choice or multiple answer. Students have 170 minutes to complete the exam. The exam costs $300; three-day virtual prep course, Security Engineering at AWS; $2,095.
Google Cloud: A Deep Dive
The Professional cloud security engineer The Google exam can design and implement secure workloads and infrastructure on Google Cloud. Through an understanding of security best practices and industry security requirements, these students learn to design, develop, and manage a secure infrastructure using Google security technologies. The course covers all aspects of cloud security: identity and access management, defining organizational structures and policies, using Google technologies to provide data protection, configuring network security defenses, gathering and analyzing Google Cloud logs, incident response management, and regulatory understanding demonstration. considerations
previous requirements: While there are no specific prerequisites, Google recommends three or more years of industry experience, including more than one year designing and managing solutions with Google Cloud.
Hybrid IT: Cloud Security in a Bigger Picture
The Safety+ Certification CompTIA describes Security+ as a global certification that validates the basic skills necessary for an individual to perform basic security functions and pursue a career in IT security. Security+ is widely considered the first security certification an IT professional should earn. Many also believe that students should take CompTIA’s IT Fundamentals course to get a good foundation in operating systems, networking, and security concepts before diving into Security+. Students who earn the certification have acquired the following skills:
- Assess a company’s security posture and recommend and implement appropriate security solutions.
- Monitor and secure hybrid environments, including cloud, mobile, and IoT.
- Understand applicable security laws and policies, including basic governance, risk, and compliance principles.
- Identify, analyze and respond to security events and incidents.
Details: The exam lasts 90 minutes and has a maximum of 90 questions. The questions are multiple choice and performance based. The exam voucher costs $381. The complete eLearning Bundle prep course complete with exam voucher and one exam retake costs $949.