Infosecurity education body (ISC)2 is collaborating with the Cloud Security Alliance (CSA) to launch a new certification the pair hope will offer cloud security professionals an important benchmark for competence in the field.
According to (ISC)2, the tie-up will see the qualification created using subject matter and the expertise of both organisation’s membership with a view to laying down what professionals should know to work in cloud security.
The initiative stems from a concern that such skills are currently poorly defined in an area that has emerged in a matter of only a few years, leaving risk and security management to develop on an almost ad-hoc basis.
“The Information security community remains concerned about the proliferation of cloud computing because it is making its way into the mainstream without the associated risks being well understood,” said (ISC)2 managing director John Colley.
“Establishing professional norms will ensure the required knowledge and decision-making skills are proliferated,” he said.
Cloud security was now expanding rapidly and this required some form of validation in terms of a qualification, Colley believed.
“It is incumbent upon us to make our collective experience as accessible as possible, and the further development of professional–level recognition is key to achieving this,” echoed Jim Reavis, co-founder and executive director of the Cloud Security Alliance.
The (ISC)2 2013 Global Information Security Workforce Study (GISWS) found that cloud computing had become the top area in terms of training demand among the 12,000 professionals surveyed.
The CSA already offers the Certificate of Cloud Security Knowledge (CCSK), while the (ISC)² has firmly established its Certified Information Systems Security Professional (CISSP).
The new qualification, yet to be formally named, is expected to become available in 2014.