The cloud world will be a safer place

The Certificate of Cloud Security Knowledge is backed by the Cloud Security Alliance, in which basically every major cloud player is represented.ccsk

Today I managed to pass the exam, so I am now officially CCSK stamped. Next on my list is becoming a trainer for that.

Although CCSK is at the introductory level, it does lead to risk awareness across a wide range of cloud related topics. The 13 domains  in which the knowledge is organized range from governance and compliance through various data and software lifecycle models to known technical risks and identity management. If you thought you knew all the cloud risks, you will think different after you have studied this material!

Personally, I think a strong side of the material is that, despite its elaboration of risks, it never prescribes how an organization should handle its cloud security. Instead, the approach is to make sure the risk tolerance of the organisation is in alignment with the risk takes by working with cloud providers. This might actually differ by application. I.e. running encrypted backups in the cloud has a very different risk profile from running your payment services in the cloud.

Anybody involved in contracting, architecting, developing, deploying or managing cloud applications should at least have a look at this material. If you are serious you want to pass the exam too.

The study material that I work with goes beyond the body of knowledge in that it also elaborates on the risk mitigation strategies for specific risks. The general section on cloud computing has a bit of overlap with the course on cloud essentials that I also teach, but that will only prove to be a benefit to the students who study both.

See my course lists on this site and on eventbrite for upcoming events.

Leave a Reply