Google Cloud Certification Addresses High Stakes Of GCP Security

Google Cloud is addressing the high-stakes issue of cloud security—and the high demand for cloud security professionals—with its new Professional Cloud Security Engineer certification that will be available next month and its separate Security in Google Cloud Platform Specialization.

Businesses are concerned about the shortage of skilled talent to manage cloud technology, make certain that security controls are in place, and manage cloud-based access to ensure computing workloads and data are protected, according to Tanay Buddhdev, a security and compliance specialist for Google Cloud customer engineering.

“As data and apps move to the cloud, cloud security is increasingly crucial for organizational success,” Buddhdev said in a blog post yesterday. “The cost and stakes of a security breach are too high, and organizations are realizing they need a skilled team able to handle the ever-increasing workload.”

Google Cloud Wednesday said it’s completed the beta version of its Professional Cloud Security Engineer Certification program announced in January. Scheduling for the exam-based certification will be generally available on April 1, and the first available test date will be April 8 at Google Cloud’s Next ’19 summit in San Francisco.

The program tests participants' abilities to design, develop and manage a secure infrastructure on Google Cloud Platform using Google security technologies. It requires proficiencies in managing identity and access management, defining organizational structure and policies, using Google technologies to provide data protection, configuring network security defenses, collecting and analyzing Google Cloud Platform logs, managing incident responses and understanding regulatory concerns.

In today’s world of ever-evolving security threats, solution providers are under increasing pressure to position themselves competitively in helping customers integrate and align requirements for privacy and security alongside those for functionality and performance, according to Robert Hawk, operations security lead at xMatters, a San Ramon, Calif.-based digital service availability platform for incident management and a Google Cloud Technology Partner.

“Google’s new security certification for GCP is not only an excellent added value to its infrastructure and platform-hosting operations, but the ideal framework for partners to deepen their knowledge of best-practice security controls and techniques on GCP,” Hawk said. “In time, I expect this type of certification will become a benchmark for the channel and perhaps grow to become a requirement for both internal and external auditing.”

The need for training more skilled and formally certified cloud security engineers is clearly evident, according to Tammy Cyphert, chief business officer at Dito, an enterprise information technology and cloud service provider based in Reston, Va.

“In today's reality of hybrid cloud environments and businesses migrating more applications and data to public clouds, Google has raised the bar and brought its best practices to the forefront of the conversation through this certification,” Cyphert said. “As something that will be generally available to both Google Premier Partners and our customers, we are able to better facilitate a conversation around security and reduce conversational friction with a single source of truth for operating securely on Google's platform.”

Google Cloud’s new Security in GCP Specialization includes online and on-demand training focused on secure Google Cloud Platform deployments and mitigating risks including distributed denial-of-service attacks, phishing and data exfiltration threats. Training areas covered include security keys, cloud identity and access management, GCP Resource Manager, Google virtual private cloud firewalls, Google Cloud load balancing, Google Cloud content delivery network, cloud storage access control technologies, Stackdriver, customer-supplied encryption keys, the Google Data Loss Prevention application programming interface and Google Cloud Armor.

Security training should be a mandatory part of cloud partner programs, according to Ethan Simmons, managing partner of Pinnacle Technology Partners (PTP), a Norwood, Mass.-based consulting and managed service provider specializing in cloud migration.

“Customers still do not fully take into account the shared security responsibility model when working with the cloud providers, so security accountability is often confusing,” Simmons said. “At PTP, we spend a great deal of time assisting our clients with cloud governance and security. This is exactly what these types of security certifications can help improve.”

An enrollment period started Wednesday for the training.

“It can be taken for any reason, but it is also a recommended part of preparing to test for the Professional Cloud Security Engineer Certification,” a Google Cloud spokesperson said. “This is considered an intermediate-level course and augments the more basic courses already available.”

Google Cloud is hosting a webinar on the training and certification Friday.