Companies are increasingly opting to migrate their IT infrastructure and services onto the cloud, driven by obvious reasons: cost effectiveness and scalability. However, many are unaware of the "shared security responsibility" with the Cloud Service Provider (CSP) and assume that security responsibilities will be the function of the CSP. Cloud security breaches are on the rise and most can be attributed to 'the customer's fault'. It is important for companies to understand the various cloud deployment models, carefully assess and evaluate the inherent risks for each, and put in place measures and safeguards to ensure cloud security risks are managed effectively.
Note: pricing is customised; contact us for more information.
2 days Classroom/virtual
- IT executives
- Risk management and compliance executives
- Internal audit executives
The course aims to provide participants with a better understanding of the cloud architecture and deployment models, the benefits of each, and the security-related risks companies will need to be aware of as they move their services onto the cloud platform.
At the end of the course, participants will be able to take away key learning points and tips in understanding cloud fundamentals and the following:
- Recognise the key components and unique characteristics of the cloud
- Recognise the business value of using the cloud
- Identify the security and non-security risks arising from use of the cloud
- Understand the key auditing techniques for the cloud
- What is cloud computing?
- History and evolution of cloud
- Core Services: Compute, storage, network, and database
- Why businesses are moving to the cloud, such as on-demand, elasticity, pay per use, independent resource pooling, network access
- Cloud concepts (covering on-premises vs. cloud, virtual resource, availability zone vs. region vs. edge locations, etc.)
- Deep dive into cloud categories and delivery models: Categories: Public cloud / Private cloud / Hybrid cloud / Community cloud
- Delivery models such as business process cloud / SaaS / PaaS / IaaS
- Design for failure
- Design principles
- Scalability (vertically and horizontally, covering stateless applications, distribution of load to multiple nodes, stateless/stateful components, distributed processing, etc.)
- Disposable resources (covering bootstrapping, golden images, containers, etc.)
- Loose coupling and removing single points of failure (e.g. redundancy, durable data storage, detecting failure, fault isolation, etc.)
- Automation (serverless management and deployment, alarms and events, etc.)
- Built-in security (touching on defense in depth, shared responsibility models, reduced privileged access with identity access management, real-time auditing, security as code, etc.)
- Cost optimisation
- High performance
- Cloud threats and mitigation strategies
- Shared responsibility model
- Responsibilities of the customer / Secure cloud case studies
- Cloud audit - Value and tactics / Cloud management audit/assurance programme / SOC 2 compliance
Professional associations recognising PwC CPE points