LDR520: OnDemand
Provided by SANS
What You Will Learn
What is Cloud Security Strategy?
Cloud Security Strategy is a comprehensive plan to protect the organization's data, workload, and infrastructure residing in the cloud(s) environment.
Cloud adoption is popular across all types of industries, and many organizations are taking strategic advantage of the cost and speed benefits of transitioning to the cloud. Since cloud environments differ significantly from traditional on-premises IT environments, in terms of protection requirements and threat vectors, the traditional network perimeter is no longer the most effective defense in cloud solutions. Organizations are migrating mission-critical workloads and sensitive data to private and public cloud solutions without always understanding the numerous key decisions needed for an organization's successful cloud transition. This cloud security implementation course walks the audience through the journey to mature their cloud security in each of the relevant security domains of cloud security strategy from beginning to high maturity state.
LDR520 complements traditional IT management techniques that leaders are accustomed to and helps with making appropriately informed decisions around strategy, financial investment, and necessary team technical knowledge and skill. We cover the key objectives of security controls in the cloud environment, including planning, deploying, and running the environment from the starting point to a progressively more mature state. There will be a focus on locking down the environment, securing the data, maintaining compliance, enhancing security visibility to the operations, and managing the security response on a continuous basis. Students will learn the essentials to lead the security effort for the cloud transition journey.
"This type of training, ie: cloud security from a management perspective, is rare and the quality of this one is definitely amazing." - Benoit Ramillion, UEFA
Business Takeaways
LDR520 uses case scenarios, group discussions, team-based security leadership simulations with embedded real life technical components to help students absorb both technical and management topics. About 60 minutes per day is dedicated to these learning experiences using the Cyber42 leadership simulation game. This web application-based game is a continuous exercise where students play to improve security culture, manage budget and schedule, and improve security capabilities at a fictional organization. This puts you in real-world scenarios that spur discussion and critical thinking of situations that you will encounter at work.
"Loved the labs. They really help emphasize what we are learning." - Jana Laney
"Team is collaborative. We are all able to bounce ideas of each other comfortably and using AWS to get hands on makes it feel more real than if we were answering questions on a quiz." - Richard Sanders, Best Western International
Syllabus Summary
Additional Free Resources:
What is Cloud Security Strategy?
Cloud Security Strategy is a comprehensive plan to protect the organization's data, workload, and infrastructure residing in the cloud(s) environment.
Cloud adoption is popular across all types of industries, and many organizations are taking strategic advantage of the cost and speed benefits of transitioning to the cloud. Since cloud environments differ significantly from traditional on-premises IT environments, in terms of protection requirements and threat vectors, the traditional network perimeter is no longer the most effective defense in cloud solutions. Organizations are migrating mission-critical workloads and sensitive data to private and public cloud solutions without always understanding the numerous key decisions needed for an organization's successful cloud transition. This cloud security implementation course walks the audience through the journey to mature their cloud security in each of the relevant security domains of cloud security strategy from beginning to high maturity state.
LDR520 complements traditional IT management techniques that leaders are accustomed to and helps with making appropriately informed decisions around strategy, financial investment, and necessary team technical knowledge and skill. We cover the key objectives of security controls in the cloud environment, including planning, deploying, and running the environment from the starting point to a progressively more mature state. There will be a focus on locking down the environment, securing the data, maintaining compliance, enhancing security visibility to the operations, and managing the security response on a continuous basis. Students will learn the essentials to lead the security effort for the cloud transition journey.
"This type of training, ie: cloud security from a management perspective, is rare and the quality of this one is definitely amazing." - Benoit Ramillion, UEFA
Business Takeaways
- Establish cloud security program supporting the fast pace business transformation
- Understand current and future maturity level of the cloud security in contrast to the industry benchmarks
- Make informed decisions on cloud security program
- Anticipate the security capabilities and guardrails to build for the securing the cloud environment
- Safeguard the enterprise data as workloads are migrated to the cloud
- Define a strategy for securing a workload in the cloud for medium and large enterprises that can support their business objectives
- Establish a security roadmap based on the security strategy that can support a fast-paced cloud adoption and migration path while maintaining a high degree of security assurance
- Understand the security fundamentals of the cloud environment across different types of service offerings, then explain and justify to other stakeholders the relevant strategic decisions
- Build an effective plan to mature a cloud security posture over time, leveraging security capabilities offered by cloud providers to leapfrog in security capabilities
- Explain the security vision of the organization in the Cloud domain to your Board Directors and executives, collaborate with your peers, and engage your workforce, driving the security culture change required for the cloud transformation
LDR520 uses case scenarios, group discussions, team-based security leadership simulations with embedded real life technical components to help students absorb both technical and management topics. About 60 minutes per day is dedicated to these learning experiences using the Cyber42 leadership simulation game. This web application-based game is a continuous exercise where students play to improve security culture, manage budget and schedule, and improve security capabilities at a fictional organization. This puts you in real-world scenarios that spur discussion and critical thinking of situations that you will encounter at work.
- Section 1: Cloud security planning, Landing Zone, IAM account and access
- Section 2: Config management, Container/Image management security, Firewall/Network architecture
- Section 3: Data Protection, Security monitoring, Cost Management
- Section 4: Application Protection, Security validation and assessment, Validation and security testing
- Section 5: Capstone
"Loved the labs. They really help emphasize what we are learning." - Jana Laney
"Team is collaborative. We are all able to bounce ideas of each other comfortably and using AWS to get hands on makes it feel more real than if we were answering questions on a quiz." - Richard Sanders, Best Western International
Syllabus Summary
- Section 1: Cloud Security Fundamentals and Identity Management
- Section 2: Cloud Security Environment Protection and Architecture
- Section 3: Data Protection, Security Detection and Cloud Security Governance
- Section 4: Securing Workload and Security Assurance
- Section 5: Roadmap Planning and Capstone Exercise
Additional Free Resources:
- Cloud Security Maturity Model Framework
- The 8 Domains of the Cloud Security Maturity Model
- Three Cloud Security Differentiators for Leaders, Oct 2023
- Guidance on Leading Cloud Security Journey, Sept 2023
- Cloud Security Maturity Model Poster
- Cloud Ace Podcast
- Printed and Electronic courseware
- MP3 audio files of the course
- Access to the Cyber42 web application
- LDR516: Building and Leading Vulnerability Management Programs
- LDR521: Security Culture for Leaders
- SEC488: Cloud Security Essentials
Enquire
Start date | Location / delivery | |
---|---|---|
No fixed date | Virtual | Book now |