CSA Authorized Instructors

CSA Authorized Instructors


Interested in becoming an instructor? Learn more

CCSK Instructors

Completion of the CCSK and CGC Train The Trainer courses demonstrate a superior level of knowledge of all CCSK and CGC course material and the ability to convey CCSK and CGC course concepts to others. As such CSA hereby authorizes the following instructors to deliver CCSK Foundation, CCSK Plus, and CGC courses.

Angel AlonsoCCSK Authorized Instructor Certificate

Alonso has been working in Information Security since 2005. He is currently team leader in the GRC department at mnemonic. He is also board member of the Cloud Security Alliance (CSA) Norway. He works mainly as outsourced Chief Information Security Officer (CISO) and other security management roles.

Alonso holds three master degrees. Two of them are technical, Computer engineering and Computer security; while the third one is business oriented, Executive Master of Management. He also holds several certifications as ISACA CISM and CISA, SABSA SCF, PECB ISO27001 LI, (ISC)2 CISSP and CCSP, CSA CCSK and IAPP CIPP/E and CIPM.

Lyron AndrewsCCSK Authorized Instructor Certificate

Dr. Lyron H. Andrews experience spans three decades where he has worked as the network manager for the NYC Department of Education, Senior Director of IT at BMG, and Dean of Technology for BNY Mellon’s cloud platform. Over the past 20 years he has integrated cyber security management, implementation and consulting with teaching at Columbia University and other institutions in over 40 countries around the world. He is a co-author of the CISSP official student guide 5th edition released in 2018 and the CCSP 4th edition released in 2019. He serves as a facilitator for a Google K-12 think tank.

James ArlenCCSK Authorized Instructor Certificate

James currently works for one of the largest SaaS and PaaS global vendors providing advice and support for Public Cloud initiatives. Over the past twenty plus years, James has been delivering information security solutions to Fortune 500, TSE 100, and major public-sector organizations. In both consultant and staff member roles, James led business and technical teams of professionals in short-term projects as well as multi-year organizational change initiatives. James has been involved in information security policy, process, procedure, and architecture improvements for internationally known manufacturing, service and financial organizations. James is one of the authors of the CCSK and the CSA Guidance v4.

​Roberto BonalumiCCSK Authorized Instructor Certificate

Roberto Bonalumi is a freelance electronic engineer with 20 years of experience in information technology and security. He developed his experience in several consulting companies and with customers in financial and telecommunication industries, working as a technical specialist and as a PM for many security projects.

He is also an (ISC)2 CISSP official trainer, co-founder and director of (ISC)2 Italy Chapter, member of CSA Italy Chapter and member of Digital Forensics Alumni association.

Sarbojit BoseCCSK Authorized Instructor Certificate

Sarbojit Madhab Bose is a seasoned Information Technology security professional with a rare combination of over 30 years of experience. He has had the opportunity to work with Program and Project Delivery, Service Transition and Operation, Application Test and Implementation, Compliance and Quality, and Cybersecurity.

He is a self-employed professional trainer with expertise in the areas of Project and Product Management, Information Technology/Cyber/Cloud Security, Data Privacy, and Governance, Risk and Compliance. Along with CCSK, he is a certified PMP, PRINCE2, ITILv4, Cyber RESILIA, DevOps, DevSecOps, DevOps Leader, SRE, CTF, CASM, CISA, CRISC, CISM, CSX, CISSP, CIPT, PDPA and PDPP, SG.

Guillaume BoutisseauCCSK Authorized Instructor Certificate

Guillaume’s experience encompasses technical hands-on, project management and architecture roles in the media, television, and advertising industries, for various small and large companies.

He’s worked on cloud migration and transformation projects for the last 5 years, and has developed a strong expertise in the technical, business and security aspects of cloud computing.

Guillaume holds CCSP, CCSK v3, CCSK v4, Togaf and AWS certifications and he can deliver Cloud Security training in English and in French.

Jon-Michael BrookCCSK Authorized Instructor Certificate

Jon-Michael C. Brook, Principal at Guide Holdings, LLC, has 20 years of experience in Information Security with such organizations as Raytheon, Northrop Grumman, Booz Allen Hamilton, Optiv Security and Symantec. Mr. Brook's work traverses the government, financial, healthcare, gaming, oil and gas and pharmaceutical industries. Mr. Brook obtained a number of industry certifications, including CISSP and CCSK, has patents and trade secrets in intrusion detection, enterprise network controls, cross domain security and semantic data redaction. He has spoken at numerous events, including the Hackers on Planet Earth (HOPE), Cloud Security Alliance (CSA) Congress, IAPP Privacy Conferences and DoD Cyber Crime Conference. Additionally, Mr. Brook has contributed to a number of CSA projects over the past six years, and currently co-chairs the CSA Top Threats and Cloud Broker Working Groups. He holds a BS-CEN from the University of Florida and an MBA from the University of South Florida.

Peter van EijkCCSK Authorized Instructor Certificate

Dr. Peter van Eijk is one of the world's most experienced cloud trainers. He offers CCSK as an instructor-led online course, as well as in-person. He is an authorized CSA CCSK (since 2011) and (ISC)2 CCSP trainer with a passion to make you more effective in your work.

Moshe FerberCCSK Authorized Instructor Certificate

Moshe Ferber is a recognized industry expert and popular public speaker, with over 20 years’ experience at various positions ranging from the largest enterprises to innovative startups. Currently Ferber focuses on cloud security as certified instructor for CCSK & CCSP certification and participate in various initiative promoting responsible cloud adoption.

Michael GreenCCSK Authorized Instructor Certificate

Michael Green is a Senior Cloud Security Consultant working at BSI Cybersecurity and Information Resilience (Ireland). He has a combined total of 10 years experience in the fields of technology and education and has been working with cloud computing since 2016.

Yogesh GuptaCCSK Authorized Instructor Certificate

Yogesh Gupta is a cloud security architect presently based out of Bangalore, India. He has 15 years of cumulative and global experience in infrastructure, information and cloud security. After having worked in Corporates in his early career, he has established a successful cyber security firm in Bangalore, India in the year 2011 and worked with multiple clients across India. Middle-East, Africa, US and Australia. His current work area includes security assessment of cloud infrastructures and designing cloud security solutions. He holds CISSP, CCSP, CCSK, AWS architect and various other vendor certificates. He is a regular writer / blogger on various cloud security subjects. His current area of interest are Zero Trust Architecture and DevSecOps.

Ricci IeongCCSK Authorized Instructor Certificate

Dr. Ricci IEONG, Principal Consultant of eWalker Consulting (HK) Ltd, has over 20 years of industry experience in the Information Technology Industry as well as more than 17 years of experience in IT Security area specialized in Security Risk Assessment, IT Audit, Penetration Test and Computer Forensics Investigation. He is an Adjunct Assistant Professor in a university in Hong Kong, program director in HKUSpace on Digital Forensics Diploma course, authorized ISC2 Certified Cloud Security Professional (CCSP). He is also the Vice Chairman of of Professional Development of Cloud Security Alliance (HK & Macau Chapter) and an active speaker in many security events in Hong Kong and Asia Pacific region.

Vana KhuranaCCSK Authorized Instructor Certificate

Vana Khurana is Board Member and Director of Training at Cloud Security Alliance Delaware Valley Chapter. She also has a day job as Cloud Security Architect at a leading financial firm. In addition, she is a speaker, a mentor, and influencer and Professor Adjunct at Temple University in Philadelphia, PA. She holds CCSK, CCSP, CISSP, GSEC, AWS Architect, and TOGAF certifications. She loves the economy and growth of the public cloud and its contribution to the world!

Adrian LaneCCSK Authorized Instructor Certificate

Adrian Lane is a principle with research firm Securosis, and developer with cloud security firm DisruptOps. Adrian has over 25 years experience in data security and software development. Prior to joining Securosis, Adrian served as the CTO/VP at companies such as IPLocks, Touchpoint, CPMi and Transactor/Brodia. Presently Adrian focuses DevSecOps and Cloud security, performing cloud security audits, training and building solutions for secure cloud deployments.

Adrian is a Computer Science graduate of the University of California at Berkeley with post-graduate work in operating systems at Stanford University.

Terumi LaskowskyCCSK Authorized Instructor Certificate

Terumi is an independent IT security consultant, technical instructor, and prior Military Police officer with over 25 years of experience in IT and IT security. She headed the consulting teams at Symantec and RSA Japan and managed IT for several financial companies in Japan. Her current customers include Fortune 500 companies, government, and defense organizations in the US, Japan, Europe, and the Far East. She is certified in CISSP, CCSP, CCSK, CEH, CCNA, Security+, Network+, Scrum Master, and others. She enjoys learning and teaching emerging technologies, and her current interests are Cloud Security, DevSecOps, and Blockchain trust and security.

Ian LoeCCSK Authorized Instructor Certificate

Ian has more than 20 years of experience in the IT industry with wide industry experience spanning public sector to financial services. He has deep knowledge in both infrastructure and application security with deep expertise in governance and security technologies.

Today Ian is the SVP of Cybersecurity in a large conglomerate and responsible for the management of cybersecurity in the group. He has held other senior appointments such as Director, Government Cybersecurity Operations and was responsible for managing cybersecurity operations for the whole of government in Singapore, which includes the monitoring of and response to cybersecurity incidents.

Ben MalisowCCSK Authorized Instructor Certificate

Ben Malisow has been working in the security, information, and information security fields for over 25 years. He has provided consulting and training services to federal agencies, multinational businesses, and international clients, as well as publishing a variety of works for the industry (including the official CCSP Study Guide and Practice Tests books). He has also taught at the junior high, high school, college, and university levels. You can find continual updates to his work on his blog and podcast at www.securityzed.com.

Mohamed MalkiCCSK Authorized Instructor Certificate

Mohamed Malki is an active member in Colorado cyber security community and global contributor to cyber security trainings and certifications. Mr.Malki is CISSP-ISSEP, CISA, CISM, CEH, Triple AWS Certifications (Arch, Dev, and Pract) , CSA CCSK, ISC2 CCSP, CompTIA Cloud+ and CSA+ Subject Matter Expert (SME). Mr. Malki is the director of enterprise security architecture and HIPAA officer with Colorado Governor Office of IT. Mr. Malki is the chairman of OIT Cloud Computing Governance Community with task to coordinate and collaborate cloud services consumption throughout the enterprise. Mr. Malki holds masters in electrical and computer engineering.

Ramiah MarappanCCSK Authorized Instructor Certificate

Ramiah Marappan has thirty (30) years’ experience and expertise in Information Security Consulting, Design, Development and Operations, Security Risk Assessment, Policy Development and Implementation, Security Operations, Infrastructure Design and Operations and Training. Delivered consulting, design and build engagements for Financial Institutions, Government, Manufacturing, Retail, Academic Institutions, Telecom, Commercial and Aviation in Asia Pacific, Middle East and Europe regions. Has also ten (10) Teaching experience in Information Security, Networking and Data Centre Operations, DevOps, Privacy and Cloud. He also participates in ISO ISO/IEC JTC 1/SC 27 committee as a subject matter expert. His certifications include CISSP, CISA, CCSK, CBSA, DevOps, DevSecOps certifications.

Rich MogullCCSK Authorized Instructor Certificate

Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum. He is a prolific writer and featured speaker at the security industry’s largest events, including RSA and Black Hat. Rich was previously a Research Vice President at Gartner on the security team and co-chair of the Gartner Security Summit.

Masahiro MorozumiCCSK Authorized Instructor Certificate

Masahiro Morozumi, current chairman of CSA Japan chapter and qualified CCSK v4 instructor, has been designated a CSA Research Fellow, an honor for an individual who has demonstrated significant contributions to CSA research. He has contributed in CSA research working groups such as - IoT, Blockchain, Software Defined Perimeter, Cloud Access Security Brokers, Cloud Data Center Security & Industrial Controls System, and ISO 27017 mapping to CCM. Responsible for translation of CSA research artifacts in Japanese; they include:

  • Top Threats to Cloud Computing The Egregious 11
  • Guideline on Effectively Managing Security Service in the Cloud
  • Using Blockchain Technology to Secure the Internet of Things
  • Code of Conduct for GDPR Compliance
  • The Treacherous 12 – Top Threats to Cloud Computing + Industry Insights
  • Security Guidance for Critical Areas of Focus in Cloud Computing v4.0
  • Identity and Access Management for the Internet of Things

Roc PaezCCSK Authorized Instructor Certificate

Roc Paez is a professional, career instructor and course developer, teaching and developing technical courses in the IT industry for over 34 years, the last 26 years with HP/HPE Education. Roc specializes in taking complex IT topics and making them simple and easy for students to understand. Roc teaches on a variety of subjects, including multiple Security courses and their applications within DevOps, ITIL, and IT4IT environments. Students consistently compliment Roc’s delivery style, saying his courses are the best they’ve ever taken.

Mike RothmanCCSK Authorized Instructor Certificate

Mike Rothman is the President of both cloud security automation company DisruptOps and information security research firm Securosis. His bold perspectives and irreverent style are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape and the evolution to the cloud. Mike is one of the most sought-after speakers and commentators in the security business and published the “Pragmatic CSO” in 2007. Mike has a BS in Engineering from Cornell University and does not sleep a lot.

Graham ThompsonCCSK Authorized Instructor Certificate

Graham Thompson has over 20 years information security experience assisting large enterprises and government agencies secure data and workloads. Dedicated to cloud security since 2010, Graham has built cloud implementation guidelines for the Government of Canada and has implemented and assessed cloud security for multiple NYSE and NASDAQ publicly traded companies in the financial, retail and telecommunications sectors. In addition to delivering awesome CCSK courses that address real-world challenges, he is an authorized instructor for both CCSP and CISSP courses by ISC2.

Faisal YahyaCCSK Authorized Instructor Certificate

Faisal has two decades of progressive leadership experience in Cyber Security and Enterprise Architecture. He plays an integral role in spearheading all Cloud Security, IT Infosec Strategy, Security Technology Roadmaps, Cyber Security Architecture, Incident Response Team, and Red/Blue Teaming (cross-functional team leadership – Purple teaming). Proven role model, Virtual CISO, and an engineering mentor, including university post-graduate lecturer.

Faisal engaged with the Asian IT communities by actively researching, speaking at public conferences, and advocating for better Cybersecurity. Experience in white paper development, technical presentations to clients, and technical writing. He is passionate about applying the latest technology securely and efficiently.

Rafael Wong Sze YiuCCSK Authorized Instructor Certificate

Rafael currently serves as senior consultant of eWalker Consulting (HK) Ltd. And has more than 7 years of industry experience specializing in Security Risk Assessment, IT Audit, Ethical Hacking, Penetration Test and Computer Forensics Investigation. Throughout Rafael’s career in IT security field, he has conducted numerous cloud security related training and workshop for various organization, such as Hewlett-Packard (HPE), Hong Kong Productivity Council (HKPC) and so on. Regarding to cloud assessment, Rafael has conducted corresponding security assessment and audit, including public and private cloud security review, cloud application penetration test, for various enterprises.

CGC Instructors

Jon-Michael BrookCGC Authorized Instructor Certificate

Jon-Michael C. Brook, Principal at Guide Holdings, LLC, has 20 years of experience in Information Security with such organizations as Raytheon, Northrop Grumman, Booz Allen Hamilton, Optiv Security and Symantec. Mr. Brook's work traverses the government, financial, healthcare, gaming, oil and gas and pharmaceutical industries. Mr. Brook obtained a number of industry certifications, including CISSP and CCSK, has patents and trade secrets in intrusion detection, enterprise network controls, cross domain security and semantic data redaction. He has spoken at numerous events, including the Hackers on Planet Earth (HOPE), Cloud Security Alliance (CSA) Congress, IAPP Privacy Conferences and DoD Cyber Crime Conference. Additionally, Mr. Brook has contributed to a number of CSA projects over the past six years, and currently co-chairs the CSA Top Threats and Cloud Broker Working Groups. He holds a BS-CEN from the University of Florida and an MBA from the University of South Florida.

Brian HonanCGC Authorized Instructor Certificate

Brian Honan, CEO of BH Consulting, has over 25 years’ experience in Information Security and is one of Ireland’s foremost experts in cybersecurity. Over his long-established career, he has worked with organisations, ranging from SMEs to large, multinationals, Government departments in Ireland and the UK and Government security agencies, such as the European Network and Information Security Agency and the European Commission. He is also an appointed special advisor on Internet Security to Europol’s CyberCrime Centre (EC3). Brian regularly presents at industry conferences including the RSA Conference (Europe and US), B-Sides London, Source Conferences, Cloud Security Summit, Infosec Europe and IDC IT Security Seminar.

Neha ThethiCGC Authorized Instructor Certificate

Neha works with BH Consulting as an Information Security Analyst in Dublin, Ireland. Her role includes carrying out security assessments for cloud environments, digital forensic investigations, vulnerability assessments and conducting audits against the ISO 27001 security standard. She has contributed to published security research and white papers on cloud security. She has presented at industry events including SecureCloud 2016, B-Sides London and Source 2015. Neha has lectured on subjects like digital forensics, web development and business continuity.

Certifications achieved - AWS Certified Solutions Architect - Associate (CSA), Certificate of Cloud Security Knowledge (CCSK), GSEC Certified Professional (SANS), AccessData Certified Examiner (ACE), ISO 27001 Certified ISMS Lead Auditor.

Become an Instructor

To become a CCSK instructor you must comply with all the following requirements:

  • Hold a CCSK certificate
  • Hold a current (currently v4) CCSK PLUS training certificate
  • Complete a current (currently v4) CCSK Train the Trainer (TTT) course
  • Pass the TTT exam
  • Maintain a current CCSK instructor certificate
  • Become affiliated with a CSA CCSK Training Partner
  • Contact us at [email protected] to learn more