shawn harris - ccsp sah v2
Post on 23-Jan-2017
www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2016 Cloud Security Alliance
Introduction to the CCSP
Shawn Harris, CISSP-ISSAP, CCSP
Developed by Cloud Security Alliance (CSA) and (ISC)² to help information security professionals achieve the highest standard for cloud security expertise and enable organizations to benefit from the power of cloud computing while keeping sensitive data secure.
Why CCSP?
The industry needs:
• Professionals who understand and can apply effective security measures to cloud environments
• A reliable indicator of overall competency in cloud security
• Roadmap and career path into cloud security
• Common global understanding of professional knowledge and best practices in the design, implementation and management of cloud computing systems
Who are CCSPs?
CCSPs are information security professionals with deep-seated knowledge and competency in applying best practices to cloud security architecture, design, operations, and service orchestration. These professionals have the cloud security knowledge, skills and experience to be successful in securing their cloud environments.
CCSP Candidates
• CCSP is most appropriate for those whose day-to-day responsibilities involve procuring, securing and managing cloud environments or purchased cloud services. In other words, CCSPs are heavily involved with the cloud. Many CCSPs will be responsible for cloud security architecture, design, operations, and/or service orchestration.
Example job functions include, but are not limited to:
• Enterprise Architect
• Security Architect
• Security Manager
• Security Administrator
• Security Consultant
• Systems Architect
• Systems Engineer
• Security Engineer
The 6 CCSP Domains
• Architectural Concepts & Design Requirements
• Cloud Data Security
• Cloud Platform & Infrastructure Security
• Cloud Application Security
• Operations
• Legal & Compliance
Architectural Concepts & Design Requirements
• Understand Cloud Computing Concepts
• Cloud Reference Architecture
• Security Concepts Relevant to Cloud
• Design Principles of Secure Cloud Computing
• Identify Trusted Cloud Services
Cloud Data Security
• Understand Cloud Data Lifecycle
• Design and Implement Cloud Data Storage Architectures
• Design and Apply Data Security Strategies
• Understand and Implement Data Discovery and Classification Technologies
• Design and Implement data protections for PII
• Data Rights Management
• Data Retention, Destruction and Archiving policies
• Design and Implement Auditability, Traceability and Accountability of Data Events
Cloud Platform & Infrastructure Security
• Cloud Infrastructure Components
• Analyze Risks Associated to Cloud Infrastructure
• Design and Plan Security Controls
• Plan Disaster Recovery and Business Continuity Management
Cloud Application Security
• Training and Awareness in Application Security
• Understand Cloud Software Assurance and Validation
• Use Verified Secure Software
• Comprehend the Software Development Life-cycle (SDLC) Process
• Apply the Secure Software Development Life-Cycle
• Comprehend the specifics of Cloud Application Architecture
• Design Appropriate Identity and Access Management (IAM) Solutions
Operations
• Support the Planning Process for the Data Center Design
• Implement, Build, Run, and Manage Physical Infrastructure for Cloud Environment
• Implement, Build, Run, and Manage Logical Infrastructure For Cloud Environment
• Ensure Compliance with Regulations and Controls
• Conduct Risk Assessment to Logical and Physical Infrastructure
• Understand the Collection, Acquisition and Preservation of Digital Evidence
• Manage Communication with Relevant Partners
Legal & Compliance
• Understand Legal Requirements and Unique Risks within the Cloud Environment
• Understand Privacy Issues, Including Jurisdictional Variation
• Understand Audit Process, Methodologies, and Required Adaptations for a Cloud Environment
• Understand Implications of Cloud to Enterprise Risk Management
• Understand Outsourcing and Cloud Contract Design
• Execute Vendor Management
Additional Resources
• ISC2 CCSP Common Body of Knowledge guide book
• CSA Cloud Controls Matrix
• CSA Cloudbytes Webinars
• CCSP LinkedIn groups with Q&A opportunities