ISACA Manila Cloud Security Series: Cloud Security Fundamentals, Advance Cloud Security Application and Laboratory, and Auditing and Evaluating Cloud Security
During the pandemic, digital transformation strategies commanded enterprises to adopt and implement cloud projects leveraging on the flexibility and scalability of the Cloud. A lack of security oversight and rushed cloud adoption is the main contributor to the increased risk of cloud migration. In October 2022, security vendor Proofpoint reported that 2021 data from its customer base showed troubling trends: more than 90% of monitored cloud tenants were targeted every month, with some 24% successfully attacked. ISACA Manila prepared this course for participants to kickstart their cloud security learning journey. The ISACA Manila Cloud Security Series starts with the cloud security fundamentals, then progressing to advance cloud security applications, and finally completing your cloud security learning with Auditing and Evaluating Cloud Security.
Cloud Security Fundamentals focuses on how to properly evaluate cloud providers, perform risk assessment and review, and security architecture and operations on the cloud. The program aligns with the change in mindset from applying traditional infrastructure methodology to modern generation cloud operational and security.
Day 1 includes topics on cloud computing models, virtualization, hypervisors, public cloud service provider options, and private deployment options, the evolution of data centers through mixed traditional and cloud computing technologies. An in depth examination of the cloud components and trends disrupting traditional network and infrastructure design and implementation.
Day 2 touches on the governance, risk, compliance, and legal components of cloud platforms and tools that can help assess and evaluate cloud service providers. The biggest topic of data security will tackle how to protect data at rest and in transit on cloud platforms and how encryption and key management on cloud is more challenging and more secure on the cloud.
And finally, Day 3 will end the modules with topics relating to application security, devops, and IAM standards. Final topics in Cloud Sec Ops, Incident response, and SECaas will complete the fundamental course on Cloud Security.
•Articulate the differences between deployment models (public, private, hybrid, and community) versus service models (infrastructure-, platform-, and software-as-a-service) of cloud computing.
•Describe cloud security architectures from the perspectives of: providers, brokers, carriers, and auditors.
•Describe a methodology for orchestrating a cloud ecosystem.
•Understand how cloud computing changes the traditional enterprise security considerations compared to on-premise.
•Understand how application security and identity management considerations are different in the cloud, compared to on-premise.
•How shared security responsibilities change in each service model.