SSCP versus CCSP: Cloud security or systems security?


The SSCP (Systems Security Certified Practitioner) and CCSP (Certified Cloud Security Professional) certifications focus on systems security and cloud security, respectively. Both certifications are vendor-neutral and are offered by the same vendor — the International Information System Security Certification Consortium, or (ISC)².

No matter how small or large an organization is, it needs to have a viable information security plan to protect its information assets stored on-premises and/or on cloud-based infrastructure. Today, organizations are facing innumerable security threats, such as data loss that may occur due to human error, hardware failures or physical damage to the storage medium like water or fire disasters. In addition, massive security threats can come from unauthorized access that can happen due to loopholes in the company’s overall security posture. Today, businesses use system security to prevent data disclosure, modification, damage or destruction.

According to the security analysts, companies are moving their system and data to the cloud by leaps and bounds. Therefore, the security of the cloud is as important as it is for on-premises systems. For example, a cloud environment needs to be reconfigured with secure settings. To this end, the Center for Information Security (CIS) provides virtual images hardened in accordance with the CIS Benchmarks to offer internationally recognized configuration guidelines, also known as CIS Hardened Images®.

In this article, we will explore the SSCP and CCSP certifications and figure out which of them (or maybe both) are needed to build a career in systems or/and cloud security. The selection will be based on the job role you are going to perform in your organization.

SSCP and CCSP Common Body of Knowledge (CBK®)

The Common Body of Knowledge (CBK) is a comprehensive framework of all relevant subjects you should be familiar with, including best security practices, skills and techniques. The following (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Fakhar Imam. Read the original post at: