The new CCSP for 2019 - Domain Refresh
Read about the new update to (ISC)2 CCSP and how it will affect you.
Phoebe Savvides
01 April, 2019
(ISC)² introduced the Certified Cloud Security Professional (CCSP) certification in 2015 to address the growing need for highly skilled cloud security professionals. It’s a globally recognised way of proving your expertise in securing cloud infrastructure and ranked 5th in the Certification Magazine’s 2019 Salary Survey.
What’s changed?
The update is mainly a content refresh – making sure the CCSP reflects the most important issues that cloud security professionals currently face, and the best practices for mitigating those issues.The 6 domains that comprise the CCSP have had their content updated and their weightings have been changed. The 2019 CCSP certification will require competence in the 6 following cloud security domains:
- Cloud Concepts, Architecture and Design
- Cloud Data Security
- Cloud Platform & Infrastructure Security
- Cloud Application Security
- Cloud Security Operations
- Legal, Risk and Compliance
Here’s a table illustrating the changes in detail:
| Previous CCSP Domain Name | Previous Domain Weighting | New CCSP Domain Name | New Domain Weightings |
| Domain 1: Architectural Concepts and Design Requirements | 19% | Domain 1: Cloud Concepts, Architecture and Design | 17% |
| Domain 2: Cloud Data Security | 20% | Domain 2: Cloud Data Security | 19% |
| Domain 3: Cloud Platform and Infrastructure Security | 19% | Domain 3: Cloud Platform and Infrastructure Security | 17% |
| Domain 4: Cloud Application Security | 15% | Domain 4: Cloud Application Security | 17% |
| Domain 5: Operations | 15% | Domain 5: Cloud Security Operations | 17% |
| Domain 6: Legal and Compliance | 12% | Domain 6: Legal, Risk and Compliance | 13% |
The CCSP exam has also been shortened from 4 hours to 3. This is partly as timing analysis showed 3 hours was long enough, and partly to standardise test time across all (ISC)² exams.
Why do I want to get CCSP certified?
Forbes reported 77% of enterprises have at least 1 application in the cloud, and they estimate that 83% of an enterprise’s workload will be running in the cloud by 2020. With more reliance on the cloud, there’s a greater need in every business for cloud security skills.
In the last 2 years alone, businesses such as Facebook, Under Armour’s MyFitnessPal and TalkTalk have all suffered high profile cyber-attacks - increasing the urgency for certifications like the CCSP even more.
In the last 2 years alone, businesses such as Facebook, Under Armour’s MyFitnessPal and TalkTalk have all suffered high profile cyber-attacks - increasing the urgency for certifications like the CCSP even more.
Who is it for?
If you have a background in IT security systems and you’re interested in developing your knowledge in cloud security and infrastructure, the updated CCSP is the ideal choice.CCSP professionals will come from a suite of IT, IT security and compliance positions, including:
- System Architects, Engineer and Administrators
- Security Architects, consultants and mangers
- Governance, Risk & Compliance (GRC) professionals
What are the prerequisites?
You’ll need experience in applying security concepts and controls to cloud environments. This is enough to take a training course and even the CCSP exam, but there are specific conditions required to achieve the certification.According to (ISC)² prerequisites, candidates must have 5 years cumulative paid work experience in information technology. 3 years must be in information security, and 1 year in one or more of the 6 domains of the CCSP CBK.
An (ISC)² CISSP certification can substitute for all of these prerequisites. However, to gain the CISSP you need at least 5 years cumulative, paid, full-time work experience in 2 or more of the 8 (ISC)² CISSP Body of Knowledge (CBK) domains. You can also partially substitute this with a 4 year college degree or another approved (ISC)² certification.
How do I get certified?
Learn from official instructors, labs and courseware and sit your exam during the course, just steps from the classroom. Firebrand won the (ISC)² Official Training Provider Recognition Award 2018 and are the only training centre with Pearson VUE® Select Status - making us the only official training provider where you can take your (ISC)² exam during the course.Interested in getting the CCSP? get certified and fast with Firebrand’s all-inclusive accelerated CCSP course.