CCAK Testimonials: From a Cybersecurity Architect
Published 04/22/2021
The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program fills the gap in the market for technical education for cloud IT auditing. In this blog series, we’re interviewing developers of the CCAK about the importance of this certification and who should consider earning it. In this second blog, we’re interviewing John Guckian from IBM.
1. How is the CCAK certification program different from other IT audit certification programs?
The CCAK is intended to give IT and Security professionals the ability to evaluate third party and cloud service providers when aligning with an organization’s governance, risk and compliance program. It will also allow professionals to better understand the lifecycle of audit and possess the knowledge to evaluate and prepare for on-prem and cloud security issues.
2. Why did you want to get involved in the development of the CCAK?
CSA has openly welcomed skilled professionals to participate in creating the new CCAK. I was treated as one of their own and saw an opportunity to work with highly intelligent individuals. We came together to share critical knowledge that society will need in support of a critical mission.
3. Who should earn their CCAK?
IT and Security individuals at any stage of their career can possess the knowledge to apply a risk-based approach to the audit lifecycle process. Prepare yourself with the techniques and gain the visibility into the mindset which risk and control stakeholders, customers, internal and/or external auditors, cloud service providers (CSP) and third-party service providers possess to better stand out during your engagements.
4. Why is the CCAK important?
The CCAK is tailored towards preparing individuals for engaging with risk and control stakeholders, customers, internal and/or external auditors, cloud service providers (CSP) and third-party service providers around the lifecycle process of audit. Achieve the ability to prepare, assess, review, monitor, remediate, and communicate around an organization's business and information technology environment.
5. What is the added value CCAK will bring to the market?
The CCAK will focus on Cloud Governance and Compliance, Cloud Auditing and the CSA-STAR program. Individuals will gain the knowledge about cloud security assessment methods and techniques, ensuring cloud services are compliant with company governance requirements, and understand cloud computing and cloud security from on-prem to cloud and hybrid security auditing.
6. Feel free to make any additional comments related to CCAK.
One of the proudest moments in my career was working on the CCAK with CSA. To everyone who I collaborated with, it was an absolute pleasure and I cannot wait to see the industry benefit from such a great product. Thank you everyone and I would love to remain connected for future projects.
When interviewed in a recent CCAK webinar, John summarized his experience with CSA in the following way:
Not too long ago, I remember studying for the CCSK by CSA and that education I was getting out of that exam, I still use today. That's what stuck with me the most and all throughout my whole career at IBM, I've been either writing policy or dealing with governance and compliance (from internal to external) and being able to take that knowledge and put it into the CCAK and share all of that education with other people is what opens my heart. That's really what drove me to do this - is giving back to society and really just working with extremely smart people on this whole entire project. It has been one of the greatest experiences of my life so far. I am extremely looking forward to the next steps and next phases of CCAK.
If you are actively involved in the CSA community you may be eligible for a discount on the CCAK exam and preparation materials. You can learn more about the Certificate of Cloud Auditing Knowledge, and purchase the exam and study materials here.
Related Articles:
Establishing an Always-Ready State with Continuous Controls Monitoring
Published: 11/21/2024
5 Big Cybersecurity Laws You Need to Know About Ahead of 2025
Published: 11/20/2024
Managing AI Risk: Three Essential Frameworks to Secure Your AI Systems
Published: 11/19/2024
9 Tips to Simplify and Improve Unstructured Data Security
Published: 11/18/2024