How Can the Financial Industry Innovate Faster?

By Peter HJ van Eijk, Head Coach and Cloud Architect, ClubCloudComputing.com

financial services stock chart

How can the financial industry innovate faster? Why do non-technical people need to have a basic understanding of cloud technology?

Imagine this scenario. Davinci is a company providing a SaaS solution to banks to process loans and mortgage applications. Davinci runs its own software on an AWS platform, and a significant number of large mortgage providers depend on the service. As you can imagine, the loan approval process involves a lot of personal and financial data, which naturally presents a tremendous privacy risk. This raises the question of who is going to take care of these and other risks.

Cloud security: Who does what?

Cloud distributes responsibility for IT services across an IT supply chain. This supply chain is composed of independent providers, which implies that companies have technical boundaries that are matched by organizational and contractual boundaries. The concept of having technical boundaries is new—this issue didn’t exist before the digital revolution.

In our example, there is both an organizational and a technical boundary between the mortgage providers and the SaaS provider. So the question is, what happens on either side?

Amazon Web Services calls this the shared responsibility model for cloud security. I would simplify that as: What do I do, and what do you do? For example, who is responsible for patching the Operating System in an IaaS service model? Who is responsible for protecting customer data in a SaaS model? The answer will vary from company to company, technology to technology, and even from threat to threat.

Allocation of shared responsibility

Legal contracts must address the allocation of responsibilities, otherwise they are not enforceable. But, who is going to check those contracts? Who needs to make sure the contracts actually specify those tasks and lays out who is responsible for doing them and how to monitor and enforce them? Typically, this is a job for procurement and legal.

Because of this, people (in this case: procurement and legal) need to have a solid understanding not only of the given service, but also of which (technical) tasks are not part of that service.

A baseline understanding of cloud responsibilities is critical. Insufficient understanding delays the entire assessment process and reduces its quality. As one of my legal course students once said:

When I go into a conversation with a cloud provider I have time for, let’s say, 10 questions. If all these questions go to understanding basic cloud terminology and technology, I have missed the opportunity to talk about the real risk and opportunity for our company.

My takeaway from this is the following: Educate your lawyers, procurement and so on. Help them understand the cloud well enough to ask educated questions. Help them know where technical boundaries need to be translated into legal controls. Help them understand the technical and organizational shared responsibility model.

When adopting cloud (and thereby sharing responsibility with providers) make sure that everyone involved in the decision-making, implementation and enforcement has a basic understanding of:

  • cloud services and service models;
  • how these services map to technical infrastructure and software; and
  • how each of these can be located in different places and be under the control of different organizations.

Adopt faster

Better understanding of the shared responsibility model leads to faster cloud adoption because it reduces fruitless back and forth on ‘who does what.’

There are several ways to better understand the shared responsibility model. But in my opinion, the best way to gain deeper understanding, speed up dialogue, and accelerate profitable and secure cloud adoption is to study a vendor-neutral body of knowledge such as that demonstrated by CSA’s Certificate of Cloud Security Knowledge (CCSK). The CCSK tests for a broad foundation of knowledge about cloud security, with topics ranging from architecture, governance, compliance, operations, encryption, virtualization and much more, and elaborates on understanding cloud models, risks and appropriate controls, as well as the Cloud Controls Matrix, which is a very effective tool in cloud provider evaluation.

Interested in learning more about drivers and barriers to cloud adoption in the financial industry? Here a few posts and articles to get you started.

Peter van Eijk is one of the world’s most experienced cloud trainers. He has worked for 30+ years in research, with IT service providers and in IT consulting (University of Twente, AT&T Bell Labs, EDS, EUNet, Deloitte). In more than 100 training sessions, he has helped organizations align on security and speed up their cloud adoption. He is an authorized CSA CCSK and (ISC)2 CCSP trainer, and has written or contributed to several cloud training courses.

CCSK in the Wild: Survey of 2018 Certificate Holders

CCSK examEven as more organizations migrate to the cloud, there’s still a concern as to how well those cloud services are being secured. According to an article by Forbes66% of IT professionals say security is their greatest concern in adopting a cloud computing strategy.”

As you embark on your quest to fill this skills gap, you may benefit from learning how other professionals have used certificates to expand and validate their cloud knowledge. In this blog we are going to explore how Certificate of Cloud Security Knowledge (CCSK) is being used in the wild. As the first step into this exploration we surveyed current holders to ask them how their certificate impacted their job, career and overall professional development. A summary of findings from the survey, job board postings and testimonials is shared below.

Topics we’ll discuss in this blog:

  • Survey Findings
  • CCSK in Job Postings
  • Overview of Testimonials

Survey Findings

Of the individuals who had successfully passed the exam, over 40 percent reported that the CCSK helped directly progress their career- either via a salary increase, promotion, or new job/role.

Graph showing How has your career progressed since earning your CCSK

In some cases CCSK holders were given new responsibilities and moved from a more generic security role into a cloud-focused position. Specialization is a key, whether it be through a certification or other learning program. Mike Rosa, Sr. Director Public Sector Security at Salesforce affirmed this saying, “The CCSK sets me apart as an expert in Cloud Security, not a security generalist. The world is moving to cloud, and my resume should reflect this change.

Another common way the certificate helped was building credibility with clients, and helping individuals work within more specialized roles. Since it offered proof of knowledge and established trust, respondents reported being able to better serve their clients’ needs.

One of the more tangible benefits of a certificate is the possibility of a salary increase. Taking a look at those who reported a salary increase, we saw that 15.61 percent saw an increase between 8 percent to 10 percent. Below you can see the distribution of individuals who received an increase in salary of some kind.

Graph showing salary increase since earning CCSK

Types of Jobs

What types of jobs do a CCSK holders have? We found that 22 percent of the people who received a promotion were promoted into a managerial, VP/Director, or Executive role. Titles varied, but the graphic below lists the top keywords listed in respondent’s job titles.

job titles available to CCSK holders

Complementary Certifications

What types of complementary certificates did they hold or pursue? Of the people who took our survey, 52.46 percent also have their CISSP. Certificates and certifications focus on a select area of knowledge, and earning complementary certificates can be valuable. Below are some of the other certifications commonly held.

graph showing which certifications respondents hold

The flipside of this question also yielded interesting results. When asked which other certifications people intend to pursue we received mixed results. The percent interested in earning their CCSP was over 30 percent compared to the 15 percent who already held their CCSP when they took the exam.

Graph asking which certifications people will pursue

As you may already be aware, one year of experience for the CCSP is covered by earning your CCSK since the two certificates complements each other. Whereas the CCSK is more tactical, the CCSP has more of a strategic focus. You’re free to draw your own conclusions, but if you’re interested in learning more about the differences between the two, you can read CCSK vs CCSP: An Unbiased Comparison.

Job Board Searches

A question we often get is whether or not employers are looking for the CCSK and how frequently it shows up in job boards. For job postings, HPE recently conducted a search of posts listing cloud certifications as a credential. They conducted the search for the CCSS, CCSP, PCSM and several other cloud certifications on the market. Below is a summary the results they gleaned for the CCSK.

February 2018 Job Search

Certificate SimplyHired Indeed LinkedIn LinkUp Total
CCSK 180 224 145 132 681

These results vary depending on location and time of year, however, it gives a good estimate of what to expect. In an informal search during October, we discovered the following results for the United States.

October 2018 Job Search

Certificate SimplyHired Indeed LinkedIn LinkUp Total
CCSK 89 321 231 258 899

The amount of postings went up, but the actual number of listings varies throughout the year. As with all things, it is best to do your own research before determining if the CCSK is right for you. Job titles listed included: Network Security Engineer, Security Consultant,  Information Security Cloud Governance Engineer, Cloud Security Architect and Sr. Security Engineer, to name a few.

Overview of Testimonials

Last but not least we collected written feedback on how earning the cloud certificate specifically helped in people’s jobs or career. To make it easier we grouped the responses into the following categories.

Survey Testimonials Revealed

  • How their career progressed
  • How CCSK helped build credibility with clients
  • What makes the CCSK unique from other certificates.
  • How it helped them on the job
  • Benefits of a vendor-neutral certificate

In following blog posts we will be exploring some of these topics more in-depth. For now we’ve listed snippets from testimonials we received that give you an idea of what people said.

How has the CCSK helped progress your career?

Answers to How as CCSK helped progress your career

Whether or not you opt for a cloud certification there are plenty of ways to learn more about cloud security. A couple of free resources that CSA has available for you to use include: CloudBytes webinars, research artifacts and the CCSK Prep-Kit.

Interested in going deeper? Learn how to earn your Certificate in Cloud Security Knowledge by visiting our website.

Cybersecurity Certifications That Make a Difference

By Jon-Michael C. Brook, Principal, Guide Holdings, LLC

cloud security symbol overlaying laptop for cybersecurity certificationsThe security industry is understaffed. By a lot. Previous estimates by the Ponemon Institute suggest as much as 50 percent underemployment for cybersecurity positions. Seventy percent of existing IT security organizations are understaffed and 58 percent say it’s difficult to retain qualified candidates. ESG’s 2017 annual global survey of IT and cybersecurity professionals suggests the biggest shortage of skills is in cybersecurity for at least six years running. It’s a fast moving field with hacker’s crosshairs constantly targeting companies; mess up and you’re on the front page of the Wall Street Journal. With all of the pressure and demand, security is also one of the best paying segments of IT.

Cybersecurity is a different vernacular, with a set of acronyms and ideas far outside even its information technologies brethren. For the gold standard as a security professional, the title to have is the Certified Information Systems Security Professional (CISSP) from the ISC2 (isc2.org). The requirements grow increasingly strict since my testing in 2001. Not lax, mind you, but five-year industry minimums and certified professional attestation gives the credential even more heft. There is an associate version available, the Associate Systems Security Certified Practitioner (SSCP) that eliminates the time and sponsorship minimums and would be appropriate for someone new to the field.

Adding to the professional shortages are new IT delivery methods, a la cloud computing. Amazon Web Services is the giant in the space, offering several certifications for cloud architecture and implementation. Microsoft and Google round out the top three. These, too, are hot commodities, as cloud is a relatively nascent industry and not very well understood. Layer security onto the cloud platform, and you find certifications such as the Cloud Security Alliance’s Certificate of Cloud Security (CCSK) and, again, the ISC2’s Certified Cloud Security Professional (CCSP). In 2017, Certification Magazine listed cloud security certifications as some of the highest salary increases available to an IT professional.

One caveat to all of the excitement of underemployment: recruiters, headhunters and hiring managers. Position requirements are sometimes outlandish or poorly vetted, such as the requisition asking for 10 years of cloud and 20 years of security experience. Amazon Web Services started in 2006. Microsoft Azure and Google Compute Platform were seen as cannibalistic to existing revenue streams. Even five years of cloud industry experience is a lifetime, and the industry moves so fast that AWS’s Certified Solutions Architect (AWS-ASA) requires re-certification every two years vs. the standard three for the rest of IT. They, too, have a security exam recently out of beta, the AWS Certified Security Specialty, though it requires one of their associate certifications first.

If you have the appetite for learning, add privacy to the mix. The number of industry vertical regulations (healthcare’s HIPAA, Payment Card Industry’s PCI-DSS, finance’s FINRA/SOX, etc…) and regionally specific requirements (EU’s GDPR) have the International Association of Privacy Professionals (IAPP), offering eight Certified Information Privacy Professional (CIPP) certifications. As an IT professional in the US, the Certified Information Privacy Technologist (CIPT) and CIPP/US are probably the most attainable and attractive.

Jon-Michael C. Brook, Principal at Guide Holdings, LLC, has 20 years of experience in information security with such organizations as Raytheon, Northrop Grumman, Booz Allen Hamilton, Optiv Security and Symantec. He is co-chair of CSA’s Top Threats Working Group and the Cloud Broker Working Group, and contributor to several additional working groups. Brook is a Certified Certificate of Cloud Security Knowledge+ (CCSK+) trainer and Cloud Controls Matrix (CCM) reviewer and trainer.

Prepare to Take (and Ace) the CCSK Exam at Infosecurity Europe

By Ryan Bergsma, Training Program Director, Cloud Security Alliance

CCSK certification logoHere’s a riddle for you. It’s been called the “mother of all cloud computing security certifications” by CIO Magazine. Search Cloud Security said it’s “a good alternative cloud security certification for an entry-level to midrange security professional with an interest in cloud security.” And, Certification Magazine listed it at #1 on the Average Salary Survey 2016. What is it?

If you answered CSA’s Certificate of Cloud Security Knowledge, more commonly known as CCSK, give yourself a pat on the back. If you’re attending Infosecurity Europe 2018 then give yourself the gift that keeps on giving and register for our CCSK v4 certification training course on June 7. Taught by renowned cloud security expert Peter HJ van Eijk, this one-day workshop will prepare you to take (and ace) the exam.

This exam prep course reflects the fact that the body of knowledge and the CCSK were recently updated to version 4, and includes such relevant topics as DevOps, big data and IoT. Not only will you get up-to-speed on the latest in cloud security, but by earning your CCSK, you’ll be demonstrating that you have the requisite skills and knowledge to ensure that cloud services are implemented and utilized within your organization with the appropriate security controls in place, including technical, as well as management and governance domains.

Still on the fence? The course price includes the cost of the exam, a $395 value. That’s what we call a sound investment.

Not convinced? Watch this and you will be.

Register.

CCSK vs CCSP: An Unbiased Comparison

CCSP CCSK pyramidBy Graham Thompson, CCSK, CCSP, CISSP, Authorized Trainer, Intrinsec Security

Introduction

CCSK vs CCSP–I’m commonly asked two questions whenever someone discovers I’m an instructor for both the Cloud Security Alliance CCSK and (ISC)2 CCSP courses:

1 – “What’s the difference between the two certifications?”
2 – “How hard is the CCSK exam?” … It’s very hard, but more on that later!

In this entry I’ll identify the differences between two of the industry’s highest regarded cloud security certifications, CCSK and CCSP. Hopefully after reading you’ll know which certification will better fit your professional goals. I don’t believe I have a bias here because I’ve been teaching both courses for a while. In fact, I delivered the first public CCSK course outside of the initial Train-the-Trainer in San Jose. As for the CCSP, I actually helped develop that course. I believe what follows is an honest opinion between the two courses.

CCSK| Certificate of Cloud Security Knowledge (Updated for v4 Course)

The Certificate of Cloud Security Knowledge (CCSK) by the Cloud Security Alliance is considered to be the grand-daddy of cloud security certifications. Why? Primarily because the CCSK was quite literally the industry’s first examination of cloud security knowledge when it was released back in 2011. The course breakdown is roughly split 60/40 between tactical (technical) and strategic (business driven) discussion of cloud security. It is agnostic in approach. To be honest, when I’m delivering CCSK training I probably spend a little too much time equating IaaS tactical security discussions to how it’s done in AWS, but I (and students) feel this approach drives home the controls they cover in the course.

Update for CCSK Version 4

The best way to describe the updates for CCSK V4 are that from a strategic 20,000-foot view it’s mostly more of the same. Governance, contracts, risk management, legal aspects are covered to mostly the same degree but they expanded it to be more global in nature.

However, drop down the viewpoint to that of a more tactical 1,000-foot view and the updated version is very different. Example: leveraging Lambda serverless computing and object storage to remove network attack paths back to the datacenter isn’t exactly a governance item; but from a more tactical approach, it really shows the different architecture patterns you can leverage in cloud that are basically impossible in traditional computing. They also pull in discussions that didn’t exist before such as containers, CI/CD toolchains, DevOps, Chaos engineering and expanded discussions surrounding Software Defined Networking security concepts.

CCSK Course Details

For the CCSK course itself, it’s delivered in two different formats:

  • CCSK Foundation (1 or 2-day course)
  • CCSK PLUS (2 or 3-day course)

What’s the main difference between the two different formats, aside from the course length? It comes down to practical experience and course exercises.

  • The CCSK Foundation format can be delivered over one day, which means you have the time to review theory, but not enough for in-depth class discussion or practical exercises.
  • The CCSK PLUS has everything presented in the CCSK Foundation format, but with more time to really drive home the major topics and learning objectives with course exercises/activities. Quite literally, the following formula applies:

CCSK PLUS = CCSK Foundation + AWS labs

In my personal opinion, a person with limited cloud exposure will find a 1-day crash course to be a complete waste of time. I’ve seen it myself, and that is why as a trainer I don’t usually deliver the course in a single day. However if you are new to cloud and can only do the 1-day session, do yourself a favor and read/understand the guidance v4 document before you take the class. Alternatively, if you’ve been working in cloud for a while and are looking to understand what CSA has to say on cloud security, you would likely prefer the 1-day approach. If you are looking for more info, a lot of these details about the CCSK can be found on Cloud Security Alliance’s website.

CCSK Exam Breakdown

I mentioned the exam was pretty hard at the start of this blog entry. The reason for this has everything to do with the split between tactical and strategic domains of knowledge.

People are either tactical types or strategic governance types. The tactical types enjoy the bits and bytes of computing and that’s totally cool. Then, you have the governance types. These are the managers, directors and others where the mindset is how the business as a whole may be impacted by cloud adoption. One person having a foot in both areas is pretty rare, and that is what makes the CCSK exam so hard. I’ve seen hardcore techies fail, and I’ve seen MBA’s fail.

One thing to note that I’ve heard from heads of training departments has to do with it being an open book exam that is not proctored, rather it is taken online from any location (home/office/hotel). It appears these traits lead some to think less of the exam because it doesn’t seem to be as “legitimate” as closed-book proctored. I still contend properly-written open book exams are legitimate and the exam is tough. I believe it would be impossible to answer 60 questions in 90 minutes if you have to research every question. I would have no problem hiring someone who has a CCSK but not the CCSP.

Continuing Professional Education Credits (CPE)

The CCSK course is CPE eligible. Keep in mind the CPE guidelines for courses are that you must take lunch and breaks into account, meaning a 3-day course winds up netting you 21 CPEs (7 per day). Not bad! Side note- the CCSK does not require CPE maintenance, once you have earned it—it’s yours.

Concluding Thoughts on CCSK

With the updated v4 content, the CCSK remains highly relevant to security professionals who are seeking a course that delivers a general tactical and strategic understanding of the challenges and advantages of cloud. Ready to get started? Download our CCSK prep kit or look for upcoming training sessions near you. If, instead, you are looking for coverage of traditional information security concepts in addition to cloud specific issues, you might want to look at the CCSP.

CCSP| Certified Cloud Security Professional (updated for 2017 version)

(ISC)² is the organization who gets the credit for the CCSP. However, (ISC)² and Cloud Security Alliance (the organization who founded CCSK) collaborated to create the CCSP course and certification exam. Also (ISC)² is the same organization who developed the popular CISSP designation. The CCSP looks and feels like a cloud version of the CISSP.

The CCSP is, in my humble opinion, more suited for CISSP holders. The CCSP will go into many subjects that are assumed knowledge in the CCSK. For example, the OSI reference model is covered in the CCSP whereas the CCSK assumes you have this knowledge already when talking to encapsulation of packets in an SDN network.

Course Details

The main difference between CCSP and CCSK can be found in three areas: Expanded governance discussion, Datacenter Security and Privacy. A CISSP is expected to understand a wide range of security domains and ISC2 wants to ensure that CCSP certified professionals are fully aware of the governance and security issues that come along with cloud, the datacenter and the privacy of consumers using cloud services. So really, when the dust settles, the following formula pretty much sums up the new CCSP:

CCSP = CCSK + Expanded Governance Items + Traditional Security + Privacy

The CCSP course is typically delivered over a 5-day period. There’s some repetition in the material and you can finish it in the allotted 5 days. I wouldn’t say it can be done in 4 days either.

Course Format

The CCSP course is pretty much 100% lecture. There are no labs at all. Zero. None. Zilch. Nada. Instead, you have a series of Q&A and work-group type of scenarios that are peppered throughout the course. This makes the CCSP a course that could be considered more strategic in nature. I would give the CCSP a 70% strategic, 30% tactical approach; almost the inverse of the CCSK.

Update for 2017 version

(ISC)² updated the CCSP Common Book of Knowledge (CBK) and the course in 2017.  The CBK itself is about 150 pages bigger than its predecessor (735 vs 584) This update expands on concepts, introduces new subjects (such as economics of cloud, business requirements, etc.) and new technologies (e.g. DevOps, Containers, etc.), albeit to a lesser technical degree than the CCSK.

CCSP Exam Breakdown

As for the exam itself, I’m under an NDA, so I naturally can’t get into the types of questions they present. I think it would be a fair statement though to say the average CCSP exam candidate is a CISSP holder and  would be tested on knowledge of both cloud and traditional data center security concepts.

Continuing Professional Education Credits (CPE)

CCSP is listed as a 40-hour course, so you should be taking home roughly 35 CPE’s.  Of note for current CISSP’s is that future CPEs earned apply to both the CISSP and CCSP designations. Keep in mind-the CSA’s CCSK can be substituted for one year of experience in pursuit of the (ISC)2 CCSP Certification.

Concluding Thoughts on CCSP

While the latest version of the CCSP expands discussion on strategic issues it doesn’t get into the same depth of tactical discussion that is found in the CCSK. The course is written along the same lines of the CISSP, so coverage includes everything that an Information Security Professional should know to secure an environment, ranging from the physical design of a datacenter up to cloud application security.

 CCSK vs. CCSP| Final Thoughts

As I said earlier, I don’t have a bias here. I’ve laid out what I consider to be the strengths of both offerings This table basically recaps some highlights:

CCSK Course Highlights CCSP Course Highlights
100% focused on cloud security. –Covers traditional information security and cloud security
60% tactical, 40% strategic 70% strategic, 30% tactical
Quicker delivery and more comprehensive review of cloud-specific technologies (e.g. SDN, DevOps, Serverless) More comprehensive review of IT security principles along the lines of the CISSP CBK
Less expensive course and exam More expensive course and exam
Open book exam online (exam included with training cost) Closed book proctored exam at testing center (exam additional charge)

Which Do I Prefer?

I appreciate the coverage of the CCSP, but if I had to do only one, I would do the CCSK because it is 100% focused on cloud security and architectural patterns as well as cloud-specific technologies are covered in greater depth (even more so after the v4 update). I also prefer how it’s consumed in a shorter time frame (due to aforementioned cloud focus).

If you have the time and resources doing both is not a bad idea either. In that case, I would do the CCSK first then the CCSP (and the CCSK counts as 1 year of experience towards the CCSP requirements, as well). Either way, the only way you can go wrong is by not doing either one.

About the author
Graham Thompson is a cloud security architect and delivers both CCSK and CCSP official courses as an authorized trainer for Intrinsec Security. You can reach Graham on LinkedIn or by old fashioned e-mail.

Five Reasons to Reserve Your Seat at the CCSK Plus Hands-on Course at RSAC 2018

By Ryan Bergsma, Training Program Director, Cloud Security Alliance

man investing in Certificate of Cloud Security Knowledge courseThe IT job market is tough and it’s even tougher to stand out from the pack, whether it’s to your current boss or a prospective one. There is one thing, though, that can put you head and shoulders above the rest—achieving your Certificate of Cloud Security Knowledge (CCSK). CCSK certificate holders have an advantage over their colleagues and get noticed by employers across the IT industry, and no wonder.

It’s been called the “mother of all cloud computing security certifications” by CIO Magazine, and Search Cloud Security notes that it’s “a good alternative cloud security certification for an entry-level to midrange security professional with an interest in cloud security.” So it was no surprise when Certification Magazine listed CCSK at #1 on the Average Salary Survey 2016.

For those interested in taking their careers to the next level, we are offering the CCSK Plus Hands-on Course (San Francisco, April 15-16) at the 2018 RSA Conference.

Our intensive 2-day course gives you hands-on, in-depth cloud security training, where you’ll learn to apply your knowledge as you perform a series of exercises to complete a scenario bringing a fictional organization securely into the cloud.

Divided into six theoretical modules and six lab exercises, the course begins with a detailed description of cloud computing, and goes on to cover material from the official Security Guidance for Critical Areas of Focus in Cloud Computing, Cloud Controls Matrix v3.0.1 (CCM) documents from Cloud Security Alliance, and recommendations from the European Network and Information Security Agency (ENISA).

Still on the fence? Here are five reasons you need to register today.

  1. Get trained by THE best in the business. Rich Mogull, a prominent industry analyst and sought-after speaker at events such as RSAC and BlackHat, will be there to guide you through this 2-day, intensive cloud security course. Not only is he the most experienced CCSK trainer in the industry, but he created the course content. Need we say more?
  2. Gain actionable security knowledge. In addition to learning the foundational differences of cloud, you’ll acquire practical knowledge and the skills to build and maintain a secure cloud business environment right away. It’s good for you and good for your company.
  3. Make the boss sit up and notice. Your newfound knowledge will translate to increased confidence and credibility when working within the cloud, and just maybe a better job or dare we say, a raise?
  4. Move to the head of the class. By the end of the course, you’ll be prepared to take the CCSK exam to earn your Cloud Security Alliance CCSK v4.0 certificate, a highly regarded certification throughout the industry certifying competency in key cloud security areas. ‘Nuff said.
  5. Invest in your future. The course price includes the cost of the exam, a $395 value. That’s what we call a sound investment.

Still not convinced? Watch this and you will be.

Register.