Saturday 30 March 2013

Certificate in Cloud Security Knowledge (CCSK)

I took and passed the Cloud Security Alliance Certificate in Cloud Security Knowledge (CCSK) version 3 a couple of weeks ago.

My company were keen for us to do it. In general it was quite interesting and made me think about a few aspects of Cloud security I hadn't considered previously. I've always been quite nervous about how Cloud could meet compliance in areas such as Payment Card Industry (PCI) and Health Insurance and Portability Accountability Act (HIPAA) in the Cloud. However, the literature did make some very good points about how the economies of scale gained from Cloud make it easier to meet these compliance and regulatory requirements, definitely changing my thoughts on the subject.

If you're interested in CCSK, take a look at the following site where you can download the literature and also take the test online:

https://cloudsecurityalliance.org/education/ccsk/

There's a few blogs on passing CCSK, I found Jean-Francois Audenard's '7 tips for getting CCSK certified' useful:

http://www.orange-business.com/en/blogs/connecting-technology/security/7-tips-for-getting-ccsk-certified

My main criticism of the CCSK is why the exam has to be taken online, as it's impossible to take a certification seriously if it hasn't been tested in proper exam conditions. $345 USD is a lot of money for an online test.