CCSP vs CCSK Cloud Security Certifications

Both the CCSP (Certified Cloud Security Professional) and CCSK (Certificate of Cloud Security Knowledge) are individual certifications of cloud security competence. But what is the difference between these two certifications?

Based on my experience, I will explain what makes CCSP different from CCSK.

CCSK versus CCSP explained in 1:22 minutes

Do you want to learn more about cloud computing and cloud security? Subscribe to my Youtube channel.

What is CCSK?

CCSK is often called the “mother of all cloud security certifications”. This is related to the fact that it tests for the Cloud Security Alliance’s “Cloud Security Guidance”, and has been around since 2010.

All other cloud security certifications acknowledge this body of knowledge.

In the fall of 2017, this was significantly updated to version 4. CCSK has followed this version early 2018.

Read more about CCSK: Certificate of Cloud Security Knowledge.

What is CCSP?

In 2015 the Cloud Security Alliance and (ISC)2 announced a new cloud security certification: Certified Cloud Security Professional or CCSP for short.

This is a more extensive certification than CCSK with a more formal exam and a requirement for 5 years in IT; at least three of which must have been spent in security, and at least one year in cloud computing.

(ISC)2 used to state on their website: “The typical cloud security professional will likely achieve the CCSK first, and then the CCSP credential. Attainment of the CCSK also can be substituted for the one year of cloud security experience”

That statement has since been removed, though the substitution rule still applies.

Learn more about CCSP, the exam and how to get your certification.


If you want to choose between CCSK and CCSP, here are some considerations.

  • What is your (prospective) employer looking for? Are they familiar with the certifications?
  • CCSK is currently more practical than CCSP.
  • CCSK is less work and actually a good start towards CCSP.


Full name Certificate of Cloud Security Knowledge Certified Cloud Security Professional
Organized by Cloud Security Alliance (CSA) (ISC)2 in collaboration with the CSA
Body of knowledge CSA Guidance, 14 domains ranging from concepts, technology, compliance, governance.

ENISA recommendations.

Cloud Controls Matrix

Official (ISC)2 CBK. Wider than CCSK, roughly twice the size

  • Architectural Concepts & Design Requirements
  • Cloud Data Security
  • Cloud Platform & Infrastructure Security
  • Cloud Application Security
  • Operations
  • Legal & Compliance
Current version 4 3rd edition
Exp. requirements none 5 years in IT, of which 3 in IT security and 1 in a cloud domain. CCSK and CISSP substitute part or all of this.
Cost $395 exam cost $549 exam cost
Maintenance requirements None $100/year, 90 CPE/3 year
Exam format Online, unproctored, 2 attempts, open book Exam center, 1 attempt, closed book
Exam length 60 multiple choice questions,
90 minutes
125 multiple choice questions, 4 hours
Pass requirements 80% of questions correct 700 out of 1000 points
Market value CCSK is the industry’s first cloud security certification (ISC)2 positions this as the cloud sister of CISSP
Estimated # holders Thousands Thousands

Want to know more about CCSP vs CCSK? Get the 101!

I created a simple one page overview: the cloud professional 101. You can get access to it by signing up to my blogs and occasional information on cloud security training in the box below.

I have based the above analysis on my multiple years of experience in cloud training. I am an official trainer for both CCSK (since 2011) and CCSP (since 2015), and have actually contributed to both of them.

Get the cloud professional 101

Enter your name and email to get my regular cloud computing tips, more information on CCSK, CCSP and how to attain it, starting with a one-pager.

By registering here you consent to receiving regular emails from me (Peter van Eijk) with updates, tips and ideas on Cloud Computing along with the occasional promotion for my products and services, until you unsubscribe. Click below for my detailed privacy policy.

dit veld niet invullen s.v.p.


Gabe Camacho

Very grateful.  Thank you!

Didier Raelet

I have appreciated very well most topics and particulary the Security Risk & compliance topics. Comparison on IT process on premise with those in the Cloud is quite good. But, it could be done deeper.

Vincent Yesue

This class is great. Good balance between you talking, and us chatting. You keep control of the syllabus and the schedule, and we provide some information on what the facts mean to us and how we understand them in our context. Brilliant stuff.


Very professional domain, but very clear explained! Thanks


Most useful: Technical context, risk knowledge and exam approach

Ali Isikli

Experienced trainer. Reflects his experience well within the context

Ken Tola

Peter is incredibly knowledgeable and takes the time to answer questions and actually work with his students. The course is also an amazing way to learn how AWS actually works and, by the end of the labs, you feel ready to manage your own cloud! The materials are easy to understand and yet technical enough to get real-life security implemented. This was a great course and far beyond most of the accreditation courses I have completed.

Carlo Tyrberg

I attended Peter’s CCSK-training and found it very useful, because 1) the sessions gave me more insight on several other aspects of cloud computing than only security, 2) it “inspired” (/forced) me to study the CSA guide/ENISA more thorughly and not least 3) I manage to pass the exam 🙂

Frank Cerney

I had very little to no experience wit the CLOUD, so this training was incredibly valuable to me. My new professional responsibilities are becoming more and more cloud centric. I have a greatly improved level of confidence because I know I have a solid educational foundation that the training and exam preparation has provided for me. I cannot recommend it highly enough!