: Istanbul-Turkey: +905395991206 - Amman-Jordan: +962785666966 London-UK: +447481362802
-->

Business Information Technology Planning, Deployment & Management

Cloud Management & IT Security




Introduction:

Cloud technologies have grown significantly over the past few years. Assessing commercial appetite and developing a business case for cloud migration, is just the start of a long and complicated process, to achieve some of its perceived benefits. How we approach the secure migration process for our existing applications and infrastructure, presents a whole new dilemma. It can entail the internal policies we may need to update and enforce, risk appraisal, and legal contract management of cloud vendor partners. Furthermore, how do we protect our corporate and sensitive data against our legal obligations, in addition to engineering an appropriate security solution? These are just a few of the challenges with cloud management and security.

Transitioning to the cloud may invariably mean migrating to an environment where part of the security function will be delivered by a third party. Given some of the benefits of cloud technologies, our internal risk management and security expertise need to be appraised of the best options available, from commencement. This course aims to provide security and management specialists with the key methods of assessing risk with cloud technologies and solutions. Moreover, auditing, network, and legal professionals will gain significant benefit as we look at the latest technologies securing cloud-based solutions while ensuring that policy, practice, and procedure cover relevant governance and compliance considerations that are required with such a major transformation.

This course will provide a practitioner approach to Information Security Management and how to address the commercial risks and realities with current best practice guidance in line with international standards. It will detail how to be proactive in your defense solutions and have countermeasures in place to deal with any appropriate security breach

Targeted Groups:

  • Technology Engineers, Chief Technology Officer (CTO) and Chief Information Officer (CIO)
  • Chief Risk Officers
  • Senior In-house Legal Counsel
  • Human Resource Professionals
  • Key Application Development and data Research Personnel
  • Strategic Development Directors
  • Crisis Management and Business Resumption Specialist Team Members

Course Objectives:

At the end of this course the participants will be able to:

  • Understand, and design a risk-based assessment program for cloud providers’ security solutions
  • Appreciate current threat and trend analysis for cybercrime and IT security breaches
  • Understand, identify and respond to an information security breach
  • Be appraised of key risk areas in cloud vendor contracts
  • Understand the layers of cloud technologies
  • Review and understand vulnerability assessments for cloud environments
  • Consider cloud security within Information Security Management
  • Understand the approach for Crisis Management and Disaster Recovery for cloud environments

Targeted Competencies:

  • Benefits and Pitfalls of Cloud Services
  • An Overview of Information Security
  • Risk Appraisal of Electronic and Physical Data Risk
  • Cloud Vendor Service Contracts
  • Security of Corporate Data in Cloud
  • Selecting the Appropriate Tools to Achieve the Best from Data Analytics

Course Content:
Unit 1: Introduction to Cloud Computing:

  • Benefits & commercial considerations of cloud Computing
  • Delivery models: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)
  • Cloud types (Public, Private, Hybrid)
  • Choosing a cloud service provider

Unit 2: IT Security Evolution:

  • Categorizing Physical and Electronic Risk
  • Networking and Communication Technology
  • Computer Systems Design
  • Legal and Regulatory Considerations
  • Current Threat and Trend Analysis

Unit 3: Compliance and Legal Considerations:

  • Compliance challenges for the cloud
  • Privacy concerns
  • Data Sovereignty
  • Cloud Supplier Agreements

Unit 4: Crisis Management and Approaching Risk Assessment:

  • Approaching Risk Assessment for cloud
  • Internal and external assessment
  • Data Security in the cloud
  • Encryption Architectures and Key Management
  • Data Life Cycle

 Unit 5: Identifying and Responding to Data Breaches:

  • Key factors to identify a security breach
  • Crisis Management Planning
  • Dealing with the initial crisis and media management
  • Forensic and Electronic investigations
  • Responding to Business Continuity