SPATHE has positioned itself as a premier provider of cybersecurity services. We serve combatant commands, Intelligence agencies and multi-nation coalitions by embodying the five functions of the cybersecurity framework.

As leaders in DEVSECOPS, we strive to automate security integration at every phase of the software development lifecycle. This includes the initial design and continues through the integration, testing, deployment, and software delivery. Security is one of our major pillars and we fully understand the importance of the DevSecOps model in developing and maturing an organization’s tactics, techniques, and procedures.

As the cyber industry transitions to more efficient models of conducting business, organizations in private and public sectors are migrating to the adoption of cloud computing. Shifting the responsibilities of traditional data centers to trusted, third-party Cloud Service Providers (CSP) could add value to an organization’s growth strategy. Gartner predicts “The 10 biggest public cloud providers will command, at a minimum, half of the total public could market until at least 2023” and 81% of surveyed participants stated that they are working with two or more CSPs.

As cybersecurity professionals, we need to make sure that we are ready for this shift!

There are multiple service offerors in the CSP market that tailor solutions based on customer storage, computing, and capacity needs. Regardless of which CSP a company decides to partner with, obtaining a cloud certification can benefit your professional development. Here are Spathe’s recommendations for the current most competitive Cloud Certifications in the CSP space:

COMPTIA Cloud+

The Computing Technology Industry Association is a nonprofit trade association based in Downers Grove, Illinois. Often considered one of the IT industry’s top trade associations, CompTIA issues vendor-neutral certifications in over 120 countries.

Cloud+ provides a Cloud certification suited to newcomers of cloud technologies. Despite its flexibility, Cloud+ still requires experience with security, networking, storage, computing, and virtualization.

If you are unsure of a Cloud path, Cloud+ will be a great fit for you as you can use the concepts and principles of vendor-specific certifications in the future. CompTIA Cloud+ is also compliant with ISO 17024 standards and approved by the US DoD to meet directive 8570.01-M requirements.

Google Cloud Certified – Professional Cloud Security Engineer

Google’s cloud offering has proven to be a major competitor in this space. By utilizing security practices and industry requirements, the professional designs, develops, and manages a secure infrastructure through Google security technologies.

The Cloud Security Professional should be proficient in all aspects of Cloud Security. This includes managing identity and access management, defining organizational structure and policies, and using Google technologies to provide data protection. Additionally, configuring network security defenses, managing incident responses, and an understanding of regulatory concerns are important.

Microsoft Azure Security Engineer Associate

Microsoft Azure is a cloud computing service for building, testing, deploying, and managing applications through Microsoft data centers. It provides software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS) and supports many different programming frameworks.

The Microsoft Azure Security Engineer Associate is the newest role in the certification path. To become a Microsoft Certified Azure Security Engineer, you need to pass one certification – Exam AZ-500: Microsoft Azure Security Technologies.

Once passed, you will become a Microsoft Certified Azure Security Engineer and will receive a badge of Azure Security Engineer.

Amazon Web Services (AWS) Certified Security – Specialty

AWS is a subsidiary of Amazon that provides on-demand cloud computing platforms and APIs to individuals and companies. This metered, cloud computing service provides a set of technical infrastructure building blocks.

Much like Microsoft’s certification model, AWS follows a general-to-specific certification path allowing for these credentials to be obtained by individua based on their needs. AWS Certifications are grouped in four  levels: Foundations, Associate, Professional and Specialty.   The Foundations level comprises of entry level certifications, the Associate level certifications require some in-depth and broad knowledge of AWS services configuration, the Professional level certifications call for expert level of knowledge for the selected role-based certification. The certifications that fall under the Foundational & Associate level can be considered as the prerequisite for this Professional Level.  Lastly the Specialty level certification requires a deep knowledge of the chosen domain as the exam level of the specialty certifications is quite higher.

The AWS Security certification falls in the Specialty category and has several prerequisites. The certification covers many subjects that include specialized data classifications and AWS protection mechanisms, data encryption methods, secure Internet protocols, and AWS security services.

Obtaining any of the above certifications is a great accomplishment, especially when it fits with your career goals and customer needs. The proper certification will strengthen your skillsets and provide you the necessary tools for success in Cloud security. Keep on learning!

---