Cloud technologies dominate the modern software supply chain securing distributed assets, sensitive data, and dynamic user environments. The latest ISC2 Cybersecurity Workforce Study found cloud security has remained a cornerstone skill for today’s cybersecurity professionals and their organizations. Behind only AI, cloud security is the second most pressing needed skill for the profession.

Cloud architecture and secure design were called out by half of respondents focused on cloud skills (50%), underlining the critical role of design and implementation in successful and secure cloud deployments and operations. This was followed by cloud platform and infrastructure security (41%). Secure cloud deployment and configuration management (38%) is a highly topical response considering reports of several high-profile misconfiguration cloud issues in the last year that impacted both platform operators and their customers.
- 2025 ISC2 Cybersecurity Workforce Study

Launched in 2015, ISC2’s Certified Cloud Security Professional (CCSP) is the leading industry certification that demonstrates cybersecurity professionals have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud. To ensure the continued relevance of the CCSP exam, it is regularly refined to reflect the latest industry standards, emerging technologies, and best practices— keeping the content on pace with the rapidly evolving cyber landscape. To deliver this, the ISC2 Examinations Team collaborates closely with certified member volunteers and subject matter experts (SME) worldwide. Through rigorous Job Task Analyses (JTA), these experts identify the critical knowledge, skills, and abilities (KSA) required for success in today’s cybersecurity roles. This collaborative approach guarantees that every ISC2 exam remains aligned with the demands of modern cybersecurity professionals.

The upcoming exam outline will be in place for the CCSP beginning August 1, 2026. In this revision, the domains and domain weights along with their subdomains have been revisited and revised.

ISC2 CCSP Domains & Weights

CCSP Exam Outline

  1. Cloud Concepts, Architecture and Design (17%)
  2. Cloud Data Security (20%)
  3. Cloud Platform and Infrastructure Security (17%)
  4. Cloud Application Security (16%)
  5. Cloud Security Operations (17%)
  6. Legal, Risk, and Compliance (13%)

For more information on ISC2’s CCSP examination and training options visit https://www.isc2.org/certifications/ccsp