This virtual session will focus on the audit and security issues related to Cloud Computing environments:
- Understanding Cloud architectures and security & control components
- Understanding key risk and control issues.
Session Outline
- Cloud Computing Overview
- Cloud Architectures
- NIST Cloud Definitions (SP800-145)
- Service Models / Delivery Models
- AWS / Azure / Google Cloud Overview
Key Controls
- Cloud Governance
- Cloud Risks
- Risk Management
- ENISA Cloud Risk Assessment Resources
- Cloud Security Alliance Resources
- Security Guidance - Critical Areas of Focus for Cloud Computing
- Cloud Controls Matrix (CCM)
DevOps Controls in Cloud Environments
- Sec Dev Ops
- Key Control Practices
- Cloud / Virtualization / Containers