Education

Cloud Computing Security Knowledge - Foundation
The CCSK - Foundation course is based on V3.0 of the CCSK exam and the CSA Security Guidance for Critical Areas of Cloud Computing V3.0.

The Cloud Computing Security Knowledge- Foundation class provides students a comprehensive one day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK v3.0 certificate exam. Starting with a detailed description of cloud computing, the course covers all major domains in the Guidance v3.0 document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA).

This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management). View the class schedule page.

Certificate of Cloud Security Knowledge - Plus
The CCSK- Plus class builds upon the CCSK Foundation class with expanded material and extensive hands-on activities with a second day of training. Students will learn to apply their knowledge as they perform a series of exercises as they complete a scenario bringing a fictional organization securely into the cloud.

This second day of training includes additional lecture, although student’s will spend most of their time assessing, building, and securing a cloud infrastructure during the exercises. View the class schedule page.

CCSK Training Partner Program
For organizations wishing to be partners to provide training for the above courses, please review the CCSK Training Partner Program here. View the class schedule page.

CCSK Master Training Partners

Partner	Contact Information
Hewlett Packard Enterprise Education Services	Email APJ Region Email AMS Region Email EMEA Region Visit website

The first ever class dedicated to assessing and implementing PCI DSS controls in cloud computing environments covers how to think of and how to do PCI DSS in various cloud computing environments. Focused primarily on people familiar with PCI DSS, it starts from the “hype-free” cloud computing facts and then delves into key scenarios where PCI DSS and clouds overlap in the real world. You will learn where to look while assessing such environments and what pitfalls and mistakes to avoid. It will also cover the shared responsibility between service providers and merchants in implementing PCI DSS controls. Specifically, we will discuss how PCI DSS Requirement 12.8 applies to various cloud scenarios.

The class would be most useful to PCI DSS QSA, organizations offering PCI DSS consulting as well as merchants planning or implementing PCI compliance.

New classes will be announced soon. Please check back here, or follow the CSA Class Schedule.

Download courseware: How to do PCI DSS in the Cloud (pptx).
Download courseware: How to do PCI DSS in the Cloud (ppt).

Training Course Overview

This training course is designed to provide training for CSA's Cloud Controls Matrix (CCM), which is a part of CSA’s GRC Stack toolkit. The course will also provide an introduction to the Consensus Assessments Initiative Questionnaire (CAIQ) and CSA Security, Trust & Assurance Registry (STAR).

Course curriculum will center on:

KEY LEARNING OBJECTIVES

Upon completion of this training, the attendee should be able to use the CCM and CAIQ to be able to:

For a cloud vendor:

For a cloud customer or cloud auditor:

CCM Training is currently being offered upon request. Please email us for more information.

Upcoming Training Opportunities

Developed by two leading non-profits focused on cloud and information security, the Cloud Security Alliance (CSA) and (ISC)², the Certified Cloud Security Professional (CCSP) credential denotes professionals with deep-seated knowledge and competency derived from hands-on experience with cyber, information, software and cloud computing infrastructure security. CCSPs help achieve the highest standard for cloud security expertise and enable organizations to benefit from the power of cloud computing while keeping sensitive data secure.

The CCSP credential is designed for experienced information security professionals with at least five years of full-time IT experience, including three years of information security and at least one year of cloud security experience. The CCSP credential is suitable for mid-level to advanced professionals involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance, and even IT auditing.

The CCSP exam, administered at Pearson Vue Testing Centers across the globe, tests competence in the six CCSP domains of the (ISC)² CBK (Common Body of Knowledge). Candidates have 4 hours to complete 125 multiple choice questions with a score of 700 or better out of 1000 to pass. The six domains covered on the exam are:

• Architectural Concepts & Design Requirements
• Cloud Data Security
• Cloud Platform & Infrastructure Security
• Cloud Application Security
• Operations
• Legal & Compliance

Learn more about the CCSP credential and its training opportunities:

Visit the (ISC)² Website

Cloud Control Matrix Training Opportunities

Cloud Control Matrix training is offered on a request basis only. If you are interested in scheduling a training date please contact [email protected].

CCSK Master Training Partners

Partner	Contact Information
Hewlett Packard Enterprise Education Services	Email APJ Region Email AMS Region Email EMEA Region Visit website

CCSK Training Partners