Georges Stokes: Top Four Cyber Certifications
SPATHE has positioned itself as a premier provider of cybersecurity services. We serve combatant commands, Intelligence agencies and multi-nation coalitions by embodying the five functions of the cybersecurity framework.
As leaders in DEVSECOPS, we strive to automate security integration at every phase of the software development lifecycle. This includes the initial design and continues through the integration, testing, deployment, and software delivery. Security is one of our major pillars and we fully understand the importance of the DevSecOps model in developing and maturing an organization’s tactics, techniques, and procedures.
As the cyber industry transitions to more efficient models of conducting business, organizations in private and public sectors are migrating to the adoption of cloud computing. Shifting the responsibilities of traditional data centers to trusted, third-party Cloud Service Providers (CSP) could add value to an organization’s growth strategy. Gartner predicts “The 10 biggest public cloud providers will command, at a minimum, half of the total public could market until at least 2023” and 81% of surveyed participants stated that they are working with two or more CSPs.
As cybersecurity professionals, we need to make sure that we are ready for this shift!
There are multiple service offerors in the CSP market that tailor solutions based on customer storage, computing, and capacity needs. Regardless of which CSP a company decides to partner with, obtaining a cloud certification can benefit your professional development. Here are Spathe’s recommendations for the current most competitive Cloud Certifications in the CSP space:
- Certification Type: Cloud
- Used For: Cloud Infrastructure Services
- Career Opportunities: Systems Administrator, Network Administrator,
- What you will Learn: Configurations & Deployment, Security, Management
The Computing Technology Industry Association is a nonprofit trade association based in Downers Grove, Illinois. Often considered one of the IT industry’s top trade associations, CompTIA issues vendor-neutral certifications in over 120 countries.
Cloud+ provides a Cloud certification suited to newcomers of cloud technologies. Despite its flexibility, Cloud+ still requires experience with security, networking, storage, computing, and virtualization.
If you are unsure of a Cloud path, Cloud+ will be a great fit for you as you can use the concepts and principles of vendor-specific certifications in the future. CompTIA Cloud+ is also compliant with ISO 17024 standards and approved by the US DoD to meet directive 8570.01-M requirements.
Google Cloud Certified – Professional Cloud Security Engineer
- Certification Type: Cloud Security
- Used For: Google Cloud Infrastructure
- Career Opportunities: Security Engineer, Cloud Security
- What you will Learn: Configure Google VPC networks, subnets, and routers, managing access, defining organizational structure/ policies, configuring network security, and analyzing logs.
Google’s cloud offering has proven to be a major competitor in this space. By utilizing security practices and industry requirements, the professional designs, develops, and manages a secure infrastructure through Google security technologies.
The Cloud Security Professional should be proficient in all aspects of Cloud Security. This includes managing identity and access management, defining organizational structure and policies, and using Google technologies to provide data protection. Additionally, configuring network security defenses, managing incident responses, and an understanding of regulatory concerns are important.
Microsoft Azure Security Engineer Associate
- Certification Type: Cloud Computing – Security
- Used For: Microsoft Azure Security
- Career Opportunities: Security Engineer, Cybersecurity Analyst, DevOps Engineer, Web Developer
- What you will Learn: How to manage Identity and Access, Implement Platform Protection
Microsoft Azure is a cloud computing service for building, testing, deploying, and managing applications through Microsoft data centers. It provides software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS) and supports many different programming frameworks.
The Microsoft Azure Security Engineer Associate is the newest role in the certification path. To become a Microsoft Certified Azure Security Engineer, you need to pass one certification – Exam AZ-500: Microsoft Azure Security Technologies.
Once passed, you will become a Microsoft Certified Azure Security Engineer and will receive a badge of Azure Security Engineer.
Amazon Web Services (AWS) Certified Security – Specialty
- Certification Type: Cloud Computing – Security
- Used For: AWS Cloud Service hosted environments
- Career Opportunities: Information System Security Engineer, Assessment and Authorization Analyst, Cloud Engineer
- What you will Learn: Data classification / data encryption methods in AWS environments, use case principles of diverse secure internet protocols, AWS security services and features of services to provide a secure production environment.
AWS is a subsidiary of Amazon that provides on-demand cloud computing platforms and APIs to individuals and companies. This metered, cloud computing service provides a set of technical infrastructure building blocks.
Much like Microsoft’s certification model, AWS follows a general-to-specific certification path allowing for these credentials to be obtained by individua based on their needs. AWS Certifications are grouped in four levels: Foundations, Associate, Professional and Specialty. The Foundations level comprises of entry level certifications, the Associate level certifications require some in-depth and broad knowledge of AWS services configuration, the Professional level certifications call for expert level of knowledge for the selected role-based certification. The certifications that fall under the Foundational & Associate level can be considered as the prerequisite for this Professional Level. Lastly the Specialty level certification requires a deep knowledge of the chosen domain as the exam level of the specialty certifications is quite higher.
The AWS Security certification falls in the Specialty category and has several prerequisites. The certification covers many subjects that include specialized data classifications and AWS protection mechanisms, data encryption methods, secure Internet protocols, and AWS security services.
Obtaining any of the above certifications is a great accomplishment, especially when it fits with your career goals and customer needs. The proper certification will strengthen your skillsets and provide you the necessary tools for success in Cloud security. Keep on learning!