CSO: 8 top cloud security certifications

NetSPI practice director Karl Fosaaen was featured in a CSO online article called 8 top cloud security certifications:

As companies move more and more of their infrastructure to the cloud, they’re forced to shift their approach to security. The security controls you need to put in place for a cloud-based infrastructure are different from those for a traditional datacenter. There are also threats specific to a cloud environment. A mistake could put your data at risk.

It’s no surprise that hiring managers are looking for candidates who can demonstrate their cloud security know-how—and a number of companies and organizations have come up with certifications to help candidates set themselves apart. As in many other areas of IT, these certs can help give your career a boost.

But which certification should you pursue? We spoke to a number of IT security pros to get their take on those that are the most widely accepted signals of high-quality candidates. These include cloud security certifications for both relative beginners and advanced practitioners.

Going beyond certifications

All of these certs are good ways to demonstrate your skills to your current or potential future employers — they’re “a good way to get your foot in the door at a company doing cloud security and they’re good for getting past a resume filter,” says Karl Fosaaen, Cloud Practice Director at NetSPI. That said, they certainly aren’t a be-all, end-all, and a resume with nothing but certifications on it will not impress anybody.

“Candidates need to be able to show an understanding of how the cloud components work and integrate with each other for a given platform,” Fosaaen continues. “Many of the currently available certifications only require people to memorize terminology, so you don’t have a guaranteed solid candidate if they simply have a certification. For those hiring on these certifications, make sure that you’re going the extra level to make sure the candidates really do understand the cloud providers that your organization uses.”

Fosaaen recommends pursuing specific trainings to further burnish your resume, such as the SANS Institute’s Cloud Penetration Testing course, BHIS’s Breaching The Cloud Perimeter, or his own company’s Dark Side Ops Training. Concrete training courses like these can be a great complement to the “book learning” of a certification.

To learn more, read the full article here:

Risk scoring is now available to all PTaaS clients! Download this whitepaper to explore NetSPI's methodology and learn how to put your risk score to use.