Highlights
- Understand of the full capabilities of cloud computing.
- Learn how to develop a cloud security program.
- Recognised global standards.
- Learn best practices for IAM, cloud incident response, application security, data encryption, SecaaS, securing emerging technologies.
- Learn how to use 'Cloud Controls Matrix', to assess security of your organisation and of cloud providers.
Course Details
Module 1: Introductions, course orientation and starting surveys
Multiple quizzes with instant feedback to activate your Cloud Security learning
Establishing what you need to learn to pass CCSK v4
Module 2: Cloud Computing Concepts and Governance (CCSK Domains 1 and 2)
Cloud computing definitions, service models & core concepts
Cloud governance, enterprise risk trade-offs & third party management
Module 3: Legal, Compliance and Audit Considerations (CCSK Domains 3 and 4)
Legal considerations: due diligence, contracts, liabilities & litigation
Control frameworks, compliance scope, rights to audit, audit scoping
Module 4: Information Governance (CCSK Domain 5)
Data security lifecycle, data protection implications of cloud service models
Data Security Functions, Actors and Controls; data ownership
Module 5: Management Plane Security & Business Continuity (CCSK Domain 6)
Business Continuity and Disaster Recovery in the Cloud; resilience
Establishing, maintaining & monitoring management plane security
Module 6: Incident Response (CCSK Domain 9) and Security as a Service (CCSK Domain 13)
Incident response (IR) lifecycle; how the cloud impacts IR & service assurance
Major categories of Security as a Service (SecAAS): potential benefits and risks
Module 7: Infrastructure Security (CCSK Domain 7)
Understanding virtualisation: hypervisors, software defined networks
Hybrid cloud considerations: workload security, dynamic security needs
Module 8: Application Security (CCSK Domain 10); Virtualisation & Containers (CCSK Domain 8)
Secure Software Development Lifecycle; rise of DevOps/SecDevOps
Understanding application virtualisation trends: containers, APIs, FaaS
Module 9: Data Security & Encryption (CCSK Domain 11); Related Techologies (CCSK Domain 14)
Data security controls; symmetric & asymmetric encryption
Major technology trends: Mobile, Big Data, Internet of Things (IoT), AI & ML
Module 10: Identity Entitlement and Access Management (CCSK Domain 13)
Identity, authentication, identity binding & identity management
Authorisation, entitlements and access management
Module 11: Cloud Controls Matrix (CCSK Domain 15) and ENISA (CCSK Domain 16)
Harnessing the CSA Cloud Computing Matrix (CCM) Domains and Controls
European Network Information Security Agency (ENISA)’s Cloud Security role
Module 12: End of Course Revision, Discussions, Surveys and Feedback
Preparing for the CCSK v4 examination: identifying key focus areas
Reflecting on this CCSK course & using feedback to reinforce learning
Who should attend
Experienced IT and Information Security professionals who need to establish and prove competency in key cloud security issues and learn security best practices from cloud governance to configuring technical security controls.
Feedback
4.8 out of 5 average
"Our tailored course provided a well rounded introduction and also covered some intermediate level topics that we needed to know. Clive gave us some best practice ideas and tips to take away. Fast paced but the instructor never lost any of the delegates"
Brian Leek, Data Analyst, May 2022
“JBI did a great job of customizing their syllabus to suit our business needs and also bringing our team up to speed on the current best practices. Our teams varied widely in terms of experience and the Instructor handled this particularly well - very impressive”
Brian F, Team Lead, RBS, Data Analysis Course, 20 April 2022