An influx of organizations are moving their operations to the cloud for the benefits of improved efficiency, better scalability, and faster deployment. But with the giant wave of migration to the cloud come more threats than ever before. The cloud is giving bad actors a more expansive set of targets, as well as new tools to conduct attacks, says Or Azarzar, Co-founder and CTO of Lightspin, in a recent article in Dark Reading.
With so many risks for cyberattacks targeting the cloud, which certification demonstrates a broader understanding and skillset to protect cloud security? Let’s compare two cloud certs, ISC2 Certified Cloud Security Professional (CCSP) vs. Google Cloud Certified-Professional Cloud Architect.
CCSP is a vendor-neutral certification that demonstrates the broad knowledge to successfully secure any cloud environment, regardless of vendor affiliation. It proves expert skills and experience in cloud security design, implementation, architecture, operations, controls, and compliance with the full range of regulatory frameworks. The globally recognized certification is available from ISC2, the creators of the Certified Information Systems Security Professional (CISSP) Common Body of Knowledge.
Google Cloud Certified-Professional Cloud Architect is a vendor-specific certification that shows expertise in Google Cloud Platform. It proves a thorough understanding of cloud architecture to design, develop and manage dynamic business solutions.
Why is vendor-neutral cloud certification favored by many organizations?
For higher levels of security, the standard for many organizations today is multi-cloud, which uses multiple providers for IaaS, PaaS, and SaaS environments. Multi-cloud strategy allows organizations to work with cloud providers and environment types best suited to their workload or application.
Fifty-five percent of companies use at least two public clouds in addition to their own data centers, according to IDG’s 2020 Cloud Computing Study. IT managers make choices based on the performance and services a platform offers, which vary according to application type. And because the public cloud is a dynamic environment, a multi-cloud strategy allows organizations to avoid the limitations and potential expense of vendor lock-in and take advantage of innovations as they are introduced.
What is each cert’s emphasis on cloud security?
CCSP turns the focus on cloud security, testing candidates’ skills and knowledge across six cloud security domains. It validates your ability to design, manage and secure data, applications, and infrastructure in any cloud environment, while also following the best practices established by ISC2.
Google Cloud Certified-Professional Cloud Architect requires the skills and knowledge to design for security and compliance as one of six domains, but security isn’t the primary focus of certification.
Domains
| ISC2 CCSP | Google Cloud Certified-Professional Cloud Architect |
|---|---|
|
Cloud Concepts, Architecture and Design |
Designing and Planning a Cloud Solution Architecture |
|
Cloud Data Security |
Managing and Provisioning a Solution Infrastructure |
|
Cloud Platform and Infrastructure Security |
Designing for Security and Compliance |
|
Cloud Application Security |
Analyzing and Optimizing Technical and Business Processes |
|
Cloud Security Operations |
Managing Implementation |
|
Legal, Risk and Compliance |
Ensuring Solution and Operations Reliability |
My employer uses the Google Cloud Platform. Why should I consider CCSP certification?
Certification in both Google Cloud Certified-Professional Cloud Architect and CCSP complement each other by elevating your expertise in the cloud. CCSP expands upon vendor-specific cloud certifications like Google’s with comprehensive knowledge and skills in security frameworks. CCSP’s vendor-neutral certification deepens your proficiency with a broader mastery of cloud security that transcends vendor affiliation.
What level of professional experience is required?
CCSP candidates are expert-level professionals. They are required to have at least five years of cumulative, paid work experience in information technology, of which three years must be in information security and one year in one or more of the six domains of the ISC2 CCSP Common Body of Knowledge. A candidate who doesn’t yet have the required experience to become a CCSP may become an Associate of ISC2 after successfully passing the CCSP exam. The Associate of ISC2 will then have six years to earn the experience needed for the CCSP certification.
Google Cloud Certified-Professional Cloud Architect candidates are recommended but not required to have three years or more of industry experience, including one year or more designing and managing solutions using Google Cloud Platform.
What’s the earning potential?
Certification Magazine’s 2021 salary survey ranks CCSP at No. 8 on its list of most lucrative certifications with an average annual salary of $119,880 USD worldwide. Google Cloud Certified-Professional Cloud Architect did not make the list, however Global Knowledge’s 2020 IT Skills and Salary Report shows average annual earnings of $116,289 USD worldwide.
What is required to maintain certification?
CCSP-credentialed professionals must participate in continuing professional education (CPE) to stay current on emerging threats, technologies, regulations, standards, and practices. They are required to earn and submit a minimum of 30 CPEs each year; 90 CPEs by the end of the 3-year recertification cycle.
Google Cloud Certified-Professional Cloud Architect certification does not require continuing professional education. It is valid for two years from the exam pass date. Certifications may be renewed by passing the same exam 60 days or less prior to certification expiration date.
Certification and Maintenance Details
| ISC2 CCSP | Google Cloud Certified-Professional Cloud Architect | |
|---|---|---|
|
Length of Exam |
3 hours/125 multiple-choice questions |
2 hours/40-60 multiple-choice and multiple select questions |
|
Passing Score |
700 out of 1,000 (70%) |
|
|
Exam Fee |
$599 USD |
$200 USD |
|
Annual Maintenance |
$135 USD |
No cost – after two years, must pass same exam within 60 days of certification expiration |
|
CPEs |
90 credits over 3 years |
N/A |
How CCSP Certification Can Help You Succeed
Earning the globally recognized CCSP cloud security certification is a proven way to build your career and better secure critical assets in the cloud. CCSP shows you have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud using best practices, policies and procedures established by the cybersecurity member experts at ISC2.
Achieving CCSP certification provides the added benefit of membership in ISC2, the world’s largest nonprofit association of cybersecurity professionals, more than 150,000 members strong. ISC2 provides members with professional development courses through the Professional Development Institute (PDI); continuing professional education through industry events like Security Congress; technical webinars covering evolving cybersecurity trends; and benefits, such as the ISC2 Community.
Learn more about how CCSP can help you migrate to the cloud securely in our eBook, 20 Tips for Secure Cloud Migration.
Download your copy of The Ultimate Guide to the CCSP and get started toward certification today.