CCSK Success Stories: From a Managed Service Engineer
This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage knowledge from the CCSK in their current roles. In this blog, we'll be interviewing Gilbert Prakosa, Managed Service Engineer at NTT.
1. In your current role at NTT, as a Managed Service Engineer, you deliver IT managed services to your customer. Can you tell us about what your job involves?
My main responsibility is providing a managed service to clients to ensure that their IT infrastructure and systems remain operational through proactively monitoring, identifying, investigating and resolving technical incidents and problems. The primary objective is to ensure all requests, process events and resolution incidents result in zero missed SLA conditions.
2. Can you share with us some complexities in managing cloud computing projects?
Hybrid multi-cloud adoption adds greater complexity in managing new infrastructure models, especially security controls. There are many different security controls in on-premises, private cloud and public cloud. Managing consistency across different environments is quite challenging. Organizations need to rethink their IT security strategy when adopting cloud computing.
3. In managing (outsourced) cloud projects, what are useful tips you could share with IT professionals to avoid common pitfalls?
You must understand the differences about cloud and on-premises very well, like cost, control, shared responsibility model, and best practices.
4. What made you decide to earn your CCSK? What part of the material from the CCSK has been the most relevant in your work and why?
I love to learn. One area that interests me is cloud security. I believe CCSK is a strong foundation to gain skills in cloud security. Infrastructure security is the most relevant material for my work, because my role is to make sure all infrastructure is reliable and secure.
5. How does CCM help communicate with customers?
The Cloud Controls Matrix (CCM) is very useful for customers. It helps them determine cloud security standards and risk management when adopting cloud computing.
6. What’s the value in a vendor-neutral certificate like the CCSK or CCSP versus getting certified by AWS? In what scenario are the different certificates important?
The most significant benefit of vendor-neutral certification is that it provides you with a well-balanced approach and a comprehensive understanding of all areas of cloud computing and cloud security. So vendor-neutral certification is the foundation, and vendor-specific certification is additional, depending on specific needs.
7. Would you encourage your staff and/or colleagues to obtain CCSK or other CSA qualifications? Why?
Yes. With the growth of cloud computing, cloud security is becoming one of the critical skills one must have.
8. What is the best advice you will give to IT professionals in order for them to scale new heights in their careers?
Always be learning, improving your skills, and setting new goals for yourself. Getting an IT certification might help you focus and structure your studies. Make friends with people in your community who are also looking to enhance their IT skills. Growing together with your peers will make your journey enjoyable.