Building and Leading a Cloud Security Program
Cloud adoption is popular across all types of industry, and many organizations are taking strategic advantage of the cost and speed benefits of transitioning to the cloud. Organizations are migrating mission-critical workloads and sensitive data to private and public cloud solutions. However, while the cloud environment may appear similar to running a traditional IT environment on the premises, the cloud solutions protection requirements are in fact very different because the traditional network perimeter is no longer the best line of defense and the threat vectors are not the same. Effective defense of the organizations cloud environment requires significant planning and governance by a well-informed management team.
SANS MGT520: Leading Cloud Security Design and Implementation focuses on what managers, directors, and security leaders need to know to develop their cloud security roadmap, to manage the implementation of cloud security capabilities, as well as how to operate the cloud environment post-transition. Making the right security decisions when adopting the cloud requires understanding the technology, process, and people related to the cloud environment. This complements traditional IT management techniques that managers are accustomed to and helps with making the appropriate informed decisions.
This Course Will Prepare You To:
- Define a strategy for securing a workload in the cloud for medium-size and large enterprises that can support their business objectives
- Establish a security roadmap based on the security strategy that can support a fast-paced cloud adoption and migration path while maintaining a high degree of security assurance
- Understand the security basics of the cloud environment across different types of service offerings, then explain and justify to other stakeholders the decisions within the security roadmap
- Build an effective plan to mature a cloud security posture over time, leveraging security capabilities offered by cloud providers to leapfrog in security capabilities
- Explain the security vision of the organization in the Cloud domain to your Board Directors and executives, collaborate with your peers, and engage your workforce, driving the security culture change required for the cloud transformation
We will walk through the key aspects of managing cloud transition and ensuring security in the continuous operations post-migration that are common across organizations on the same journey. We will cover the key objectives of security controls in the cloud environment, including planning, deploying, and running the environment from the starting point to a progressively more mature state. There will be a focus on locking down the environment, securing the data, maintaining compliance, enhancing security visibility to the operations, and managing the security response on a continuous basis. Students will learn the essentials to lead the security effort for the cloud transition journey.
"This type of training, ie: cloud security from a management perspective, is rare and the quality of this one is definitely amazing." - Benoit Ramillion, UEFA
NOTICE TO STUDENTS
This course will have limited overlap with the SANS SEC488: Cloud Security Essentials course because it will provide foundational information on cloud services and cloud security to ensure that students are on the same page. This course focuses on what managers, directors, and security leaders need to know about developing their cloud security plan/roadmap and managing implementation of cloud security capabilities.
WHAT YOU WILL RECEIVE
- Printed and Electronic courseware
- MP3 audio files of the course
- Digital download package with VM
WHAT TO TAKE NEXT
MGT516: Managing Security Vulnerabilities: Enterprise & Cloud
SEC557: Continuous Automation for Enterprise and Cloud Compliance
Important! You will need your own system configured according to these instructions!
A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.
CRITICAL NOTE: Apple systems using the M1 processor line cannot perform the necessary virtualization functionality and therefore cannot in any way be used for this course.
!!! IMPORTANT NOTICE !!!
Mandatory: Students must have their own Amazon Web Services (AWS) account to complete the cloud exercises. Please ensure you have done the following before class starts:
- Register for a personal free-tier account. (https://portal.aws.amazon.com/billing/signup)
- Activate your new account.
- Log in to the AWS Console with your root account.
- Browse to the EC2 Service and verify that you see the dashboard.
OnDemand Students Only: There is a cost for maintainingi the AWS account for the duration of the course. It is estimated to be $7 per month. (Live Online and In Person formats can be fulfilled by the free tier account with no fees expected for the AWS account.)
HAVE YOUR OWN LAPTOP CONFIGURED USING THE FOLLOWING DIRECTIONS:
A properly configured system is required for each student participating in this course. Before starting the course, carefully read and follow these instructions exactly:
- Host Operating System: Latest version of Windows 10, macOS 10.15.x or later, or Linux.
- It is necessary to fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
Mandatory Host Hardware Requirements
- CPU: 64-bit 2.0+ GHz multi-core processor or higher
- Hard Disk: 5GB of free disk space minimum
- Memory: 8GB of RAM or higher is required for this class
- Wireless Ethernet 802.11 B/G/N/AC
- Local Administrator Access within your host operating system
Mandatory Host Operating System Requirements
You must use a 64-bit laptop with one of the following operating systems:
- Latest version of Windows 10, macOS 10.15.x or later or Linux with full graphical user interface.
Mandatory Software Requirements
Prior to class, ensure that the following software is installed on the host operating system:
- Adobe Acrobat or other PDF reader application
- Google Chrome Browser: You need the Google Chrome browser installed on your system before you arrive for class. The course exercises have been tested with Chrome and not other browsers. You can download Chrome from here.
If you have additional questions about the laptop specifications, please contact email@example.com.
"Cloud transition is common in many organizations these days, but many security leaders feel overwhelmed and underprepared for the security aspects of the cloud. When organizations accept security as an integral part of the transformation path, they can not only achieve the same level of security as their in-house IT environment, but also take advantage of a huge opportunity to leapfrog in security using cloud capabilities. In MGT520, we discuss industry-proven techniques to plan for the security aspects of cloud transformation. This course will arm students with the necessary information to confidently lead their organization towards securing the cloud workload and leveraging cloud capabilities to further enhance their security maturity in the IT environment." - Jason Lam
"I like how the content builds and progresses. Jason clearly thought a lot about how to sequence the information to make it easy to digest." - Jim Pruitt, Revolutionary Security