Actu
(ISC)²® and the Cloud Security Alliance Collaborate to Create New Professional Certification for Cloud Security
April 2013 by Emmanuelle Lamandé
(ISC)²® (“ISC-squared”) and the Cloud Security Alliance (CSA) announced they have signed an agreement to collaborate on a new professional certification for information security. The combined initiative will address a significant concern over the security of modern business systems by establishing a common global understanding of professional knowledge and best practices in the design, implementation and management of cloud computing systems.
The new credential will build on existing certifications offered by both organisations, including (ISC)²’s Certified Information Systems Security Professional (CISSP) and CSA’s Certificate of Cloud Security Knowledge (CCSK), by examining the depth of technical knowledge required in architecting business systems, based on cloud computing.
The (ISC)² 2013 Global Information Security Workforce Study (GISWS) confirmed cloud computing as the number one area of demand for training, identified by nearly 60 percent of the study’s more than 12,000 respondents. The study, which has tracked the impact of cloud computing on the information security profession since 2010, also confirms that business are embracing the cloud, with virtually all respondents saying they work in companies with some level of cloud computing, and most (61 percent) identifying public cloud services, including software or infrastructure as a service or a hybrid cloud environment. This is despite nearly three quarters also confirming the need for new skills, particularly for deep technical knowledge and guidance on how security applies to the cloud.
The initiative pools significant expertise from both organisations, including the CSA’s body of research, developed by subject matter experts, and its contributions toward the development of an ISO standard; and (ISC)²’s member-driven job task analysis methodology for the development and management of the world’s leading information and software security professional credentials. Under the collaboration, (ISC)² will lead subject matter experts drawn from the memberships of both organisations through the job task analysis process to develop a focused common body of knowledge reflecting areas of required expertise and the technology-agnostic approach to defining domains of practice that serve as the foundation of all (ISC)² certifications. The work will also determine a globally accepted benchmark for the level of experience required to denote competency in the field of practice covered by the common body of knowledge.
The new credential and first examinations are due to be available in 2014.
